SolidityScan

🚀 Big news! SolidityScan is now integrated with @soneium, bringing seamless smart contract security to your fingertips. Easily access security scores, gain real-time insights into vulnerabilities, and explore full threat reports — directly from verified contracts on Soneium.

Paradigm proposes “PACTs” to prep for a worst-case quantum future on Bitcoin. Idea: timestamp proof you control an address now, so funds could be reclaimed later—without moving coins or signaling activity onchain. #Bitcoin #Security

Report: 500+ long-dormant Ethereum wallets were drained (~260 ETH / ~$800K). Funds were reportedly consolidated and routed via THORChain, pointing to wallet-key compromise rather than a DeFi contract bug. #Ethereum #Security

Aftermath Finance paused its Sui perps after an exploit. Sui Foundation + Mysten Labs say they’re working on fund recovery, and Aftermath says users will be made whole (zero losses). #DeFi #Security

Wasabi Protocol exploited across multiple chains after an admin/deployer key compromise. Attackers gained privileged roles, upgraded contracts, and drained funds. Avoid interacting with Wasabi contracts until official all-clear. #DeFi #Exploit

@CredShields @InspiraLabsHQ @yellow__capital @Yellow 🙌

We're live on the 10X Founders Demo Day stage 🎯 CredShields is one of 12 projects selected out of 150+ applicants for the 10X Founders Demo Day, hosted by @InspiraLabsHQ, @yellow__capital and @yellow On May 1, we'll be pitching live in front of: 🟢 Tom Dunleavy (Varys Capital) 🟢 Aleksandr Nechaev (Funders VC) 🟢 Jessie Xiao (Starknet Foundation) 🟢 Charles Harding (Magnus Capital) 🟢 Eddy Travia (Coinsilium Group) 🟢 Mick (Draper Associates) CredShields secures Web2 and Web3 for enterprises and projects with AI-powered audits via @SolidityScan and CredShieldsOne. Being chosen for demo day is a huge validation of our mission and an incredible opportunity to bring out our vision. 🔗 luma.com/x1uvhjxj

SWEAT (NEAR) disclosed a token-contract exploit (~13.71B SWEAT, ~65% of supply; Blockaid est. ~$3.5M). Team says contract was paused, MEXC froze attacker activity, Rhea paused trading, and external balances were restored. #Web3Security #DeFi

Syndicate says it detected unusual $SYND movements tied to a compromise of the Commons bridge. Security monitors report ~18.5M SYND sold for ~ $330K and proceeds bridged to Ethereum. #Web3Security #DeFi

Security incident: Trading Protocol’s YieldCore-3rd-deal vault was reportedly exploited for ~US$398K. Cause cited: missing caller authorization checks enabling unauthorized withdrawals. #DeFi #SmartContractSecurity

Security alert: GlassWorm is back on Open VSX. Reports cite 73 “sleeper” VS Code extensions that can turn malicious after an update; at least 6 were observed activated to deliver malware. If installed: rotate secrets & clean your dev env. #Security #Web3

ZetaChain says its GatewayEVM contract was attacked and has paused cross-chain transactions as a precaution. Team says only internal wallets were impacted and no user funds affected so far. #Web3Security #DeFi

AWS Marketplace is integrating Chainlink services (Data Feeds, Data Streams, Proof of Reserve) to help builders connect AWS infrastructure with smart contracts and tokenized-asset apps. #Web3 #Chainlink

Scallop (Sui) says a vulnerability in an auxiliary contract tied to its sSUI reward pool led to ~150,000 SUI lost. Team says the affected contract is frozen, core contracts are secure, and it will cover 100% of losses. #Web3Security #DeFi

Litecoin reported a zero-day in its MWEB privacy layer that led to a 13-block reorg to remove invalid transactions. Attackers reportedly used the ~3+ hour fork window to attempt double-spends vs cross-chain swap protocols; some losses were reported. #Litecoin #Web3Security

Mantle proposes lending up to 30,000 ETH to Aave DAO to help cover bad debt linked to the Kelp DAO rsETH exploit fallout. The plan includes yield terms and collateral/risk protections. #DeFi #Security

Project Eleven says a researcher derived a 15-bit elliptic curve key on a public quantum computer, claiming the largest ECC “quantum attack” to date. Still far from 256-bit real-world crypto, but fuels post-quantum migration urgency. #CryptoSecurity #Quantum

Security incident: SlowMist reports GiddyDeFi’s GiddyVaultV3 was exploited (~$1.3M). Cause cited: incomplete EIP-712 signature coverage enabled signature replay + parameter substitution. If exposed, review approvals/positions and monitor official updates. #DeFi #Security

Starknet’s v0.14.2 “Shinobi” upgrade is now live on mainnet (Apr 21). It adds native STARK proof verification (SNIP-36) and introduces privacy-focused building blocks (incl. groundwork for shielded transfers). #Starknet #Web3Security

Tether says it supported freezing >$344M USDT on Tron across 2 addresses after U.S. authorities flagged the wallets for illicit activity. Tether says it coordinated with OFAC + U.S. law enforcement; the underlying case wasn’t named. #USDT #CryptoSecurity

Sui ecosystem: Volo says Volo Vaults were hit by a security vulnerability, with ~US$3.5M (WBTC, XAUm, USDC) stolen. Team says vaults are frozen and partners (incl. Sui Foundation) were notified. #Web3Security #DeFi

France: a family in Ploudalmézeau was reportedly held at gunpoint and forced to transfer ~€700,000 (~$820k) in crypto. Reminder: tighten opsec (no public bragging, reduce exposure, plan for physical security). #CryptoSecurity #OPSEC