SecLat

Un hilito con los protocolos que hemos ayudado a proteger 😀👇

Most smart contract exploits are not “complex hacks”. They’re broken assumptions between components. One missing check can cost millions. That’s why protocol architecture reviews matter as much as line-by-line audits. - 7/7

Core lesson: 1.- A missing access control in a vital function can allow an attacker to drain your protocol. 2.- Signer validation != spending authorization. Authentication and inventory ownership must always be cryptographically bound to the SAME address. - 6/7

🚨 $5.87M drained from TrustedVolumes in ONE transaction. No private key leak. No oracle manipulation. No governance attack. Just 3 bugs chained together. 🧵👇 - 1/7

Don't make the mistake of thinking that if you don't verify the contract, it cannot be hacked. Audit your contracts before deployment to strengthen your security. Send us a DM if you're looking for an audit. 2/2 polygonscan.com/address/0xa184…

Ink Finance was hacked due to an access control bug in a function, yeah, this type of bugs still happens in web3. The contract wasn't verified on-chain, even though it got hacked. 1/2

Seclat Security blog is online. We'll be sharing content on web3 security, blockchain, and smart contracts. You can read it in English or Spanish; select your preferred language on the website. Support us by retweeting and following to reach more people. seclat.xyz/es/blog

Don't wait until your protocol is hacked to request an audit; do it before a hacker steals all your protocol's funds and your users' data. Contact us via DM here or by email through our website: seclat.xyz

Another day, another hack in #Web3 AI is accelerating the attacks to different protocols, security-related work is more important now than ever!!

⚠️ Critical Apache HTTP Server Flaw Exposes Millions of Servers to RCE Attacks Source: cybersecuritynews.com/apache-http-se… The Apache Software Foundation has released a critical security update for Apache HTTP Server, patching five vulnerabilities, including a dangerous double-free flaw capable of enabling Remote Code Execution (RCE) in version 2.4.67, released on May 4, 2026. All users running version 2.4.66 or earlier are strongly urged to upgrade immediately. The most severe of the five vulnerabilities is CVE-2026-23918, rated High with a CVSS base score of 8.8. The flaw is a double-free memory corruption bug triggered within Apache's HTTP/2 protocol implementation during an "early stream reset" sequence. #cybersecuritynews #vulnerability

For this quadratic funding round, it's more important that 100 people donate $1 each than one person donate $100, because the fund is based on the number of users who donate, not the total amount donated. Thank you all in advance!

The round starts on April 21st, and every dollar donated helps us receive support from @thedaofund to continue our work educating users to create a safer ecosystem.

Friends, we've registered Seclat Security Education to participate in the @ethereum security foundation's Quadratic Round funding on @Giveth. We're asking for your support for our project so we can continue sharing completely free security education in Spanish.

para la ronda de fondeo cuadrático es mas importante que 100 personas donen 1 usd cada uno a que una sola persona nos done 100 usd, porque el fondo apoya en base a la cantidad de usuarios que donaron al proyecto y no la cantidad de dinero donado. Gracias a todos por adelantado!

La ronda empezara el 21 de abril y cada dolar donado nos ayuda a recibir apoyo de @thedaofund para continuar con nuestra labor de educar a los usarios para generar un ecosistema mas seguro.

Registramos Seclat Educacion en seguridad para participar en Quadratic Round funding de la @ethereum security fundation en @Giveth por lo que pedimos su apoyo a nuestro proyecto para seguir compartiendo educación en seguridad complemente gratuita y en español

@hammurabidil está aplicando para el grant de @arbitrumdao_gov Donde ofrecen financiamiento para auditorías de seg, yo coticé la mía con @SecLat_Security Empresa latina con altísimo talento que incluso a colaborado con @Uniswap