b sadiq

@Darkreyyy Awesome bro

Introducing Flash Protocol ⚡ Flash Protocol lets users pay from any chain while merchants receive exactly what they want Pay anywhere. Settle how you want.

We live in a time between times. The hackers have incredible technology to find bugs quicker than the defenses can put up. These are the biggest public hacks I think I’ve ever seen since getting into security. This has to change. We need to use the same tools as defense.

@fuzious18 Congratulations bro 🎉 keep going

🥉🦍

@maigadohcrypto @sherlockdefi Congratulations bro 🎉 keep going

Masha Allah ranked 5th twice in 2026 , thanks @sherlockdefi for giving the opportunity to showcase my skill

@velevvv @sherlockdefi Congratulations bro 🎉 keep going

Another 🏆 - Top 10 out of 1009 auditors. There were days I didn’t feel like doing this at all. Still showed up. That’s the difference. Go get your W. Thanks @sherlockdefi 🫡

@kalyan__tr Congratulations bro 🎉 keep going

Never posted about my first win. Time to fix that. Fluid DexV2 - Jan 2026 • First ever validated finding • $2,516 USDC • Ranked #9 QA → Full Stack → Web3 Security Zero earnings. Countless rejections. "Invalid" after "Invalid." Then one finding changed everything. Since then: Limit Break AMM (2nd valid Medium) To everyone still at zero: I was you for 2 years. Keep building. The grind is real, but so is the breakthrough. 🩸 #Web3Security #SmartContractAudit #DeFi

@0xpiramide @0xfluid @sherlockdefi Congratulations bro 🎉 keep going

not the best coverage but still getting better every contest, thanks for the opportunity. @0xfluid @sherlockdefi

@ddimitrovv22 Auditors should focus on improving and forget the shitposters

All the AI solutions claim that they are better and cheaper than human audits. Everyone is focused on building the next big AI agent. And yet, April is one of the worst months in terms of hacks. Something is wrong.

@lonelysloth_sec @RektHQ @The3D_ @aave @PatrickAlphaC @cyfrin @PestoPoppa @gnosis_ @Nethermind Auditors should mind their business, and not be distracted

Bug bounty only works when researchers and devs act like partners, not opponents. Researchers: bring clear PoCs, real exploit paths, and impact in dollars. Developers: respond on time, communicate clearly, and respect valid findings. Security is a core infrastructure

@ddimitrovv22 Or greed at its highest peak

There are more than enough open-source security tools. Projects have literally 0 reasons to launch without any form of audit. Except if they don't care about their users at all.🤷🏻‍♂️

@RektHQ @The3D_ @aave @PatrickAlphaC @cyfrin @PestoPoppa @gnosis_ @Nethermind AI auditors aren't a solution. They are a sales pitch to an exit strategy. Bear market -> pivot to "AI native" -> sell your company (before the AI bubble bursts!) BTW you can't audit the AI gents because you can't even map what the models are doing -- they are opaque by design.

"Everything we just said is probably going to be outdated 5 minutes after this panel." @The3D_ (@aave) · @PatrickAlphaC (@cyfrin) · @PestoPoppa (@gnosis_) Mod: Peter Kecman (@Nethermind) By 2027, will we be auditing code, or auditing the AI agents that wrote it?

@zerocipher002 We still keep going bro 💪

Three years ago I submitted my first Web3 contest entry on Code4rena. Found one QA issue. Thought maybe I'd chosen the wrong career path. This year I collected $300,000 from a single critical bug report. This space rewards depth and patience in ways I didn't fully understand when I started.

You never “get” anything in life. You exchange one thing for another. Everything has a price. You are always paying. You don’t get to choose whether you pay. You only choose what you pay for.

@PatrickAlphaC @battlechain Whitehats first🥳

The @battlechain testnet is now LIVE. Come enter the ultimate red-team platform. Give us feedback so we can launch mainnet very soon, and fix web3 security.

If you only work when it’s rewarding, you’ll quit security. Because most of it is: confusion dead ends and false confidence Keep going or don’t. GM

You don’t find critical bugs by reading carefully. You find them by assuming the developer is wrong. Are you auditing… or admiring the architecture?

@MartinMarchev Thanks for this piece mate

@PiyushShukla__ True

I noticed that many researchers have left Web3 security. There are several reasons for this. Some left because of market conditions. contests are almost dead and there isn’t much real hiring from companies. Others found Web3 security very difficult, and now there are also new risks and changes coming from AI. However, the same experienced security researchers are still here, as always. many of the same people from previous years. But junior auditors are already leaving, and new researchers are very unlikely to survive in the current environment.

@juggernautVoC @immunefi Keep going bro 🔥

Alhamdulillah for first bounty, not bad. I just found a confirmed bug on @immunefi #immunefitribe immunefi.com/s/ss/?severity…