Another great curated list of AI x web3 security tooling. AI auditors, agent toolkits, on-chain ML monitoring, and benchmarks.
github.com/marchev/awesom…
Layoffs everywhere. We're pushing harder🫡
Formal verification, fuzzing, blackhat-mode review.
The attackers didn't slow down, so neither did we.
Web3 security isn't a solved problem. It's a young one!
Free Web3 security hub, actually curated 🫡
Roadmaps for EVM, Solana, Move, Cairo, ZK. Tools by analysis method. Everything tiered by how much it matters.
github.com/Raiders0786/we…
🚨 Latest ERC-4626 Business Logic Flaw
A custom vault on Base & Arbitrum double-paid the WETH side of its Uniswap V3 LP during redeem().
totalAssets() already included the WETH value, but redeem() transferred the WETH again, paying it twice.
💸 Result: ~34 WETH (~$53K) drained
solidity devs: reentrancy, overflow, oracle games
daml devs: your counterparty just archived your IOU and there's nothing you can do about it
different chain, different pain. 8 daml vulns:
github.com/SCAuditStudio/…
Solid resource if you're tracking LLMs for vulnerability detection. Function-level, repo-level, agentic, smart contract, plus the datasets and benchmarks. Bookmark it! 🫡
github.com/huhusmang/Awes…
ZK Journey (Old but gold) 🫡
Journey into learning ZK. It is NOT a list of awesome resources; it’s the path I’ve taken in demystifying ZK
📌 Core Beginner Resources
📌 Theoretical Deep Dives
📌 Practical Deep Dives
📌 ZK Vulnerabilities
sunrise-clerk-234.notion.site/Hickup-s-ZK-Jo…
1/
Multipli v2 migration is complete.
Your funds have now been moved into your upgraded Multipli v2 account.
Thank you to everyone who migrated with us and helped make this transition possible.
v2 is a major step forward for Multipli, and the foundation for what comes next.
Audits harden the code. Bug bounties harden it more. Then someone phishes the deployer key and none of it matters. Most DeFi losses in 2025-26 came from compromised keys, not contract bugs.
Read this: blockaid.io/blog/compromis…
The definitive reading list for anyone building AI into their security workflow. Every serious paper on LLMs for vuln detection - function-level to agentic to smart contracts - indexed and updated daily.
github.com/huhusmang/Awes…
You researched that same attack pattern 3 times across 3 projects, starting from scratch each time.
Here's a second-brain setup that ingests your writeups and lets you query them instantly. No RAG pipeline required
labs.secengai.com/p/how-to-build…
Spent weeks on a valid bug, then got ghosted on the payout? There's now a public ledger naming programs that scam researchers. Submit your unresolved reports, hold vendors accountable.
bugbountyscam.com