f00l

32 posts

@PPPF00L

binary noob

Joined November 2019
391 Following · 57 Followers
f00l retweeted
f4lc0n@al_f4lc0n·
I Saved Injective's $500M. They Pay Me $50K.
I like hunting bugs on @immunefi. I'm decent at it.
- #1 — Attackathon | Stacks
- #2 — Attackathon | Stacks II
- #1 — Attackathon | XRPL Lending Protocol
- 1 Critical and 1 High from bug bounties (not counting this one)
Life was good.
Then I found a Critical vulnerability in @injective. This vulnerability allowed any user to directly drain any account on the chain. No special permissions needed. Over $500M in on-chain assets were at risk.
I reported it through Immunefi. The next day, a mainnet upgrade to fix the bug went to governance vote. The Injective team clearly understood the severity.
Then — silence. For 3 months. No follow up. No technical discussion. Nothing.
A few days ago, they notified me of their decision: $50K. The maximum payout for a Critical vulnerability in their bug bounty program is $500K.
I disputed it. Silence again. No explanation for the reduced payout. No explanation for the 3 month ghost. No conversation at all. To be clear: the $50K has not been paid either.
I've seen others share bad experiences with bug bounty payouts recently. I never thought it would happen to me.
I can't force them to do the right thing. But I won't let this be forgotten. I will dedicate 10% of all my future bug bounty earnings to making sure this story stays visible — until Injective pays what I deserve.
Full Technical Report: github.com/injective-wall…
f00l@PPPF00L·
@ma1fan what is this panel?
Nolan | Exvul@ma1fan·
Lol, Rust audits are consuming most of my time lately. How about you?
Tony KΞ@tonykebot·
just released an interesting chal 🤣🤣 enjoy!
𝕗𝕦𝕫𝕫𝕝𝕒𝕟𝕕@fuzzland_

Fuzzland #CTF is back on 9/20 ~ 9/22. Put your skills to the test with big prizes - $10k prize pool for the top 3 teams, and big swag bags for the top 30. Can you solve puzzles designed by the masters @fried_rice @tonyke_bot? Can you beat the defending champs @Offside_Labs? Last year we had 670 teams, 14 puzzles, and only 251 teams who completed at least 1 puzzle. Register today @ ctf.blaz.ai and prove who the best hacker in the industry is.

f00l@PPPF00L·
@ma1fan was this found by a fuzzer?
Nolan | Exvul@ma1fan·
Happy Friday 😎🍺 This bug is very interesting and complex
f00l@PPPF00L·
@Y1nKoc my dear dalao, plz daidaiwo
Minghao Lin@Y1nKoc·
It's my first CVE in Apple!
Nolan | Exvul@ma1fan·
I have created a web3 security Telegram group. Welcome to join our technical community. In this group, I will share some original security technologies as soon as possible, and discuss and exchange real web3 security technologies together. t.me/+QnrDM5RnAbczN…
zh1x1an1221@zh1x1an1221·
Under the guidance of several web3 friends, I tried to find some web3 bugs. Currently, 3 high and 2 medium in code4rena. Recently, I spent a day trying @PatrickAlphaC Codehawks and found the first one. Although it is low-risk, it is also very happy.
Albinauric@JonLion15·
what's wrong with this code?
f00l@PPPF00L·
repay the debt of the DSA to drain all funds (if you don't repay the debt, it would trigger a health factor check, so you would only get part of the funds)
f00l@PPPF00L·
build swap data for an external call sequence like this: 1. approve 1 wei of the connector's usdc token for the DSA contract 2. call executeAction to switch 1 wei usdc to all weth 3. call weth transferFrom to get the token
f00l@PPPF00L·
The root cause of the DoughDsa hack is an arbitrary external call in the `deloopAllCollaterals` function, which is called by the `executeOperation` function in the connector contract.
f00l@PPPF00L·
@WangTielei Excuse me, is this vulnerability fixed in iOS 17.3 and not in 17.4 actually?
Tielei@WangTielei·
Still interested in exploiting IPC memory corruptions on Apple devices? Try this one: CVE-2024-27801, UAF in the low level implementation of NSXPC that has been present since the initial release of NSXPC (over a decade ago). POC: github.com/wangtielei/POC…
f00l@PPPF00L·
@WangTielei Is this bug eligible for a bounty?🤪
Tielei@WangTielei·
Long time no research share! Back with some interesting bugs. Let's start with CVE-2024-27842. UDF is a kernel extension that's been on macOS for decades. The vuln lies in VNOP_IOCTL, where an arbitrary cmd can be sent to an arbitrary vnode, leading to memory corruptions.
孟岩-Mike Meng@myanTokenGeek·
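Are there any young people who are familiar with EVM blockchain smart contract development, have a basic grasp of Rust, are diligent and eager to learn, and are willing to apprentice under a good teacher for hands-on work on Solana application protocols?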
f00l retweeted
h0mbre@h0mbre_·
they’re called 0days because ive found 0 of them