Spearbit

2.1K posts

Spearbit banner
Spearbit

Spearbit

@spearbit

Industry Leading Web3 Security. Request a security review here ➡ https://t.co/gqs2f17Yhd

Katılım Ekim 2021
33 Takip Edilen14.3K Takipçiler
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
We're taking our agents to Vegas for Black Hat. 🪐 Live runs on complex code and a session on building your own agents, with the security experts behind ours, walking you through both. Book a meeting: cantina.review/cantina-14b466 or stop by; there's a Millennium Falcon LEGO surprise too.
Cantina 🪐 tweet media
English
0
4
4
388
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
What happens when you merge a trading engine and a lending protocol into one set of contracts? @ammalgam is putting that question to the test with a $25K bug bounty program on Cantina. Researchers: Are you ready to find out whether shared state breaks? Link below.
Cantina 🪐 tweet media
English
3
3
21
2.4K
Spearbit retweetledi
Morpho 🦋
Morpho 🦋@Morpho·
Securing Morpho Midnight This framework covers the security principles behind Morpho Midnight: how it was designed, built, formally verified, and audited. morpho.org/blog/securing-…
English
11
11
112
21.4K
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
$1,500,000 on the line: The @OndoPerps x Cantina bug bounty program is live. The scope covers Ondo Perps’ trading web app, website, and API. This is a full-stack web target. Appsec, pentesting, or API security background? This one’s built for you: cantina.xyz/bounties/5ffa2…
Cantina 🪐 tweet media
English
4
5
61
12K
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
Cantina research: in Node.js, one odd character in a hostname can slip past the check that's supposed to stop it. Our autonomous Appsec agents found 3 ways across every supported version: a null-byte SSRF allowlist bypass and 2 TLS certificate bypasses. Details below.
Cantina 🪐 tweet media
English
1
4
25
2.6K
Spearbit
Spearbit@spearbit·
A normal audit ends with a report. Our review of @arkisxyz ends with a signature that can block the deploy. We recompile the build, confirm the bytecode matches what ships, then sign that exact release by name in a public log. No signature, no release. The Spearbit half of our joint write-up: cantina.xyz/blog/spearbit-…
Spearbit tweet media
English
0
1
12
2.1K
Spearbit
Spearbit@spearbit·
This is a real shift for onchain security. The audit report is no longer the deliverable. A named, independent signature on the exact code that ships becomes the gate, recorded in a public log, and without it the release cannot proceed. Proud to be the independent verification in the @Arkisxyz release loop.
Arkis@arkisxyz

Arkis has partnered with @spearbit, the security research firm behind reviews for @Morpho, @coinbase and @liquid_col to create the first fully verifiable, tamper-proof digital provenance for institutional smart contracts. @spearbit's sign-off is required before any release reaches production, and anyone can verify it independently. arkis.xyz/blog/arkis-x-s…

English
0
1
12
3K
Arkis
Arkis@arkisxyz·
Arkis has partnered with @spearbit, the security research firm behind reviews for @Morpho, @coinbase and @liquid_col to create the first fully verifiable, tamper-proof digital provenance for institutional smart contracts. @spearbit's sign-off is required before any release reaches production, and anyone can verify it independently. arkis.xyz/blog/arkis-x-s…
English
2
2
16
4.6K
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
Deepfake fraud is now one of the costliest security threats, and it has become much easier to execute. Real-time video deepfakes have moved from demos to criminal operations. Here’s a full breakdown of how to spot them: cantina.review/deepfakes-0cb2…
Cantina 🪐 tweet media
English
0
3
12
1.9K
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
We detected that Pathling, an open-source FHIR analytics server from the e-Health Research Centre, has an $ import-pnp operation that sends the server's OAuth credentials to any URL the caller specifies. Any authenticated user can trigger the chain with a single HTTP request, leaking credentials to an attacker-controlled host, performing authenticated SSRF from Pathling's network position, and writing attacker-patient records into the warehouse as trusted. We call this pattern TrustLaunder. Pathling fixed the issue in server-v2.0.0 Full writeup: cantina.review/cantina-agenti…
Cantina 🪐 tweet media
English
0
3
13
1.1K
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
Cantina threat discovery: Apple's swift-crypto reads memory it shouldn't when a network peer sends a short post-quantum key. That's what we found in Apple's swift-crypto. The X-Wing HPKE decapsulation runs in Swift and forwards its input to a BoringSSL C function that expects exactly 1120 bytes. The Swift caller accepted any length. The check that should have lived in between didn't exist. Patched in 4.3.1. Full breakdown: cantina.review/cantina-e04361
Cantina 🪐 tweet media
English
0
4
20
2.5K
Spearbit
Spearbit@spearbit·
Five household-name eng orgs hit in three weeks by the same group. A worm built for npm ended up walking ~3,800 internal repos out of GitHub.
Cantina 🪐@cantinasecurity

We’ve detected that @GitHub has been compromised by TeamPCP. A poisoned VS Code extension on an employee device. ~3,800 internal repos exfiltrated. Data already on a black forum for $50K. The technical vulnerability is two words: "runOn": "folderOpen" in a .vscode/tasks.json. Cursor plays with Workspace Trust OFF by default. Open the folder, the task fires. Same group hit @Tan_Stack, @OpenAI, @Microsoft, and Nx in the prior 3 weeks. Same blind spot in every IDE-scanning security stack. What a time for cybersecurity! Full breakdown: cantina.review/github

English
1
0
15
4.4K
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
Pretty wild: Apple's May 2026 security advisory is the first in its history to include AI credit lines. 3 credits to Cantina (one bug had been in WebKit for 13 years). 2 to Anthropic's Claude. This is why we put together a joint guide with @swif_ai: the shape of a security advisory is changing, and we wanted to give teams a clear read on what matters most during this transition. Read on: cantina.review/apple-security
Cantina 🪐 tweet media
English
3
5
32
2.9K
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
Scammers spin up brand impersonation accounts by the 1000s every day using typosquats, homoglyphs, fake avatars, and fake job listings. So we had to act. Introducing Klaxon: a free, self-hosted terminal tool that monitors your brand on social and pages your team the moment something is off. Try it for yourself: cantina.review/klaxon
English
1
8
29
3.6K
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
The local foothold can put an entire platform team on the clock. Dirty Frag affects RHEL 8, 9, and 10, OpenShift 4, and a broad set of Ubuntu packages. The real issue is what happens next: a local user can turn limited access into root across shared infrastructure. It lands with platform, cloud, and security teams at the same time. Read the full article: cantina.review/3zv
Cantina 🪐 tweet media
English
0
3
12
2K
Spearbit retweetledi
Cantina 🪐
Cantina 🪐@cantinasecurity·
Apple patched a 13-year-old bug in WebKit yesterday. Apex, Cantina's autonomous AppSec agent, found it. It's one of three Apex findings in the same release. Two are CSP bypasses. Full writeup: cantina.review/ze5
English
13
19
122
2.2M