B3rn3g3n! ⚙️🛸 E-Beggar.ink (🐢,💚)

1/ Recently an unnamed source shared data exfiltrated from an internal North Korean payment server containing 390 accounts, chat logs, crypto transactions. I spent long hours going through all of it, none of which has ever been publicly released. It revealed an intricate ~$1M/month scheme of fraudulent identities, forged legal documents, and crypto-to-fiat conversion. Enjoy the findings!

Circle was asleep while many millions of USDC was swapped via CCTP from Solana to Ethereum for hours from the 9 figure Drift hack during US hours. Value was moved and nothing was done yet again. Comes days after you froze 16+ business hot wallets incompetently which is still being slowly unfrozen. @circle @jerallaire @usdc are bad actors for the industry.

We are observing unusual activity on the protocol. We are currently investigating. Please do not deposit funds into the protocol while we investigate. This is not an April Fools joke. Proceed with caution until further notice. We’ll provide additional updates from this account.

The Drift Protocol exploiter is swapping the $270M+ stolen assets into $USDC, then bridging to #Ethereum to buy $ETH. 🚨 So far, they have bought 19,913 $ETH ($42.6M). intel.arkm.com/explorer/addre… x.com/lookonchain/st…

not 100% fully certain yet, but it seems drift might be getting exploited monitor your positions

Status update: No vaults or contracts are affected. All depositor funds are safe. No other service accounts appear to be compromised. Earlier today, a presumed phone call-based social engineering attack on OVH Cloud allowed an attacker to gain sensitive access to steakhouse dot financial domain management. The attack vector involved changing DNS A records for the main page and app subdomain to a malicious IP. The attacker furthermore attempted to initiate a domain transfer with a 5-day timelock. Those changes have been reverted and are now intentionally pointing to blank records until we can confirm the account is fully secure. We are in contact with OVH and are actively working to fully resolve the situation. Do not interact with steakhouse dot financial properties (website, emails) until we confirm resolution. Further updates and a post-mortem will be released with full detail as soon as possible.

@MoodyMights 0x0B8FE9b3Ae693315dFE4617328220c35135D077d

We called the new season CYBERPUNK With everything we’re about to drop… we should’ve called it KILLSHOT 🔫 “MoOdy iS JuSt tRaNsAcTiOn cLiCkS bRo” 🌚 ✳️Drop your AGW below (24h)

Startale App is now integrated with Soneium Portal, bringing Season 7 Score access directly to the app. Complete the campaign, powered by @GalxeQuest , earn your Soneium Score, and collect an exclusive NFT. ✅ Follow us on @StartaleGroup ✅ Follow @Soneium ✅ Retweet this post ✅ Visit the Startale App website 🔗 app.galxe.com/quest/Startale…

🚨 @SolvProtocol has been exploited for $2.7M The BitcoinReserveOffering (BRO-SOLV-20MAY2026) contract's mint() function has a double-minting flaw. When a user mints by transferring a full ERC-3525 NFT, doSafeTransferIn triggers the onERC721Received callback which mints BRO tokens to the caller, and then mint() itself mints again for the same amount. The attacker looped burn→mint 22 times, turning 135 BRO into 567M BRO, then exchanged the inflated BRO for 38 SolvBTC (~$2.73M) via Solv's exchange contract. TX: etherscan.io/tx/0x44e637c7d… Victim: etherscan.io/address/0x014e… (BRO-SOLV-20MAY2026)

Just joined Noon League 🌞 Long-term rewards. Real progress. Built to last. Live Now On: @noon_capital app.noon.capital/league.html?v=…

Pendle Update - 24/02/26 Mucho Bullish: - vePENDLE rewards for January distributed (~730k USDT + $sENA and $RESOLV airdrops) - Pendle is building the interest rate layer of DeFi x.com/DarkLord_gr/st… - Snapshot and allocation for USDai ICO now complete for sPENDLE x.com/pendle_fi/stat… - ETHGas x Pendle for Open Gas Initiative x.com/ETHGasOfficial… NEW on Boros (all 27-MAR 2026 maturity): - [Hyperliquid] BTCUSDC and GOLDUSDC - [Gate] BTCUSDT and ETHUSDT - [Binance] XAUUSDT and XAGUSDT TASTY on Pendle now: - [ETH] PT-reUSDe 25-JUN 13.08% (loopable on TermMax) - [ETH] PT-savUSD 14-MAY 9.46% (loopable on Morpho) - [ARB] PT-sUSDai 15-OCT 8.1% - Le Pendle Print 103: x.com/pendle_fi/stat…

It will significantly increase my opinion of @Anthropic if they do not back down, and honorably eat the consequences. (For those who are not aware, so far they have been maintaining the two red lines of "no fully autonomous weapons" and "no mass surveillance of Americans". Actually a very conservative and limited posture, it's not even anti-military. IMO fully autonomous weapons and mass privacy violation are two things we all want less of, so in my ideal world anyone working on those things gets access to the same open-weights LLMs as everyone else, and exactly nothing on top of that. Of course we won't get anywhere close to that world, but if we get even 10% closer to that world that's good, and if we get 10% further that's bad) CC @DarioAmodei firefly.social/post/bsky/pv7f…

Good time to go shopping for alts with exponential downside risk that could pull a nice 3x-5x if BTC also pulls a 3x-5x

Introducing EVMbench—a new benchmark that measures how well AI agents can detect, exploit, and patch high-severity smart contract vulnerabilities. openai.com/index/introduc…

Moonwell's history of exploits: 10.10.2025: Chainlink’s oracle feeds priced AERO, VIRTUAL, and MORPHO lower compared to the DEX pool prices on Base. An attacker repeatedly flashloaned USDC/cbBTC, borrowed underpriced assets from Moonwell at 85-88% LTV, sold them on a DEX for more than the value of their flash loan, repaid the flash loan, and profited from the difference. While 10.10 was an unprecedented event, you clearly shouldn’t be able to borrow such volatile tokens at 85-88% LTV. Ended up with >$12M in liquidations, $1.7M in bad debt. Incident Summary: forum.moonwell.fi/t/anthias-labs… 04.11.2025: The wrsETH market priced collateral as (wrsETH/ETH) * (ETH/USD) using Chainlink feeds. The wrsETH/ETH oracle was based on market prices, not the exchange rate. Balancer, back then a source of most of the liquidity for rsETH got exploited a day earlier, and was likely the cause of the feed outputting an absurd value: 1 wrsETH = 1,649,934.60732 ETH. Same attacker as 10.10.2025, although we haven’t seen any evidence of them actually manipulating the oracle - only taking advantage of the mispricing. They’re clearly constantly scanning Moonwell for extractable value. $3.7M of bad debt. Incident Summary: forum.moonwell.fi/t/wrseth-oracl… Discussion around the oracle's failure: x.com/omeragoldberg/… 15.02.2026: Another badly configured oracle feed. cbETH’s price was set to cbETH/ETH ($1.12) instead of (cbETH/ETH) * (ETH/USD). 1096 cbETH liquidated, $1.78M of bad debt. The worst part is that the exact commit that caused the mispricing was co-authored by Claude: x.com/irboz/status/2… The PR: github.com/moonwell-fi/mo… Incident Summary: forum.moonwell.fi/t/mip-x43-cbet… Moonwell is not a serious lending market. They have failed too many times with their oracle setups. Do. Not. Use. It.