MoveBit
743 posts

MoveBit
@MoveBit_
Sub-brand of @0xbitslab. A security team focused on the Move ecosystem, building the standard and delivering security audits for the Move ecosystem.

1/ The Aptos Security Marketplace from Areta Market is now live on @Aptos! Proven across 10 ecosystems, 2k+ quotes submitted, and up to 30% average cost savings per audit. Alongside the Aptos Foundation, we’re excited to make top-tier security accessible to Aptos builders. → aptos.areta.market








🚨 On-Chain Forensics | Ink Finance @inkfinance @0xPolygon On May 11, 2026, an attacker drained $165,162 USDT0 from Ink Finance's Treasury — by impersonating a "legitimate" claimer and walking right through claimPayroll(3). Net profit: ~$140K. Cost to attacker: a flash loan and a fake interface. Full breakdown 🧵👇




It took one character to break it. `|` — that's all an attacker needs to bypass nanobot's Channel allowlist and slip into the Agent Loop with full access to whatever tools the deployment exposes. CVE-2026-31977. The first vuln BitsLab found in nanobot. Read on ↓





🚨 Incident Analysis: Volo Protocol (Sui) Vault Exploit On 2026-04-21, Volo Protocol on Sui suffered a vault theft resulting in ~$3.27M in direct losses, plus ~$230K in LP share-ratio collapse — combined impact of ~$3.5M. BitsLab's post-incident analysis below. 👇





