Starfish ᗜˬᗜ

‼️Do not npm install or deploy anything right now Supply chain attack on axios 1.14.1 - even if you don’t use axios it may be a nested dep. Pin versions or wait until this is resolved

We are working it, sharing what we know as of now - gist.github.com/joe-desimone/3…

Day 36: I highly recommend installing the DefiLlama Browser Extension. Earlier today, the Steakhouse app suffered a phishing attack. Thanks to DeFiLlama, when I tried to access its website, I instantly received a security warning. Phishing attacks are unfortunately extremely common in DeFi. The websites of Neutrl and Curvance, both of which have a fairly high TVL, were also hijacked earlier this year. If you interact with a dApp during a phishing attack, you could end up losing all your funds. Fortunately, the DeFiLlama Extension alerts you when most phishing attacks occur. And it’s free. No reason not to use it.

Just applied for @remekoAI allowlist. remeko.io/join?ref=starf…

@remekoAI looking forward to join the movement. 🫡

The new standard. remeko.io

@MadDonks Yo @0xNutrix @0xLAEY you need to get in on this 👀 @MadDonks whitelist is open Free mint, don't sleep on it 🫏

Recovery complete. Containment failed. The Donk is back… and it didn’t come out clean. Mad Donks whitelist applications are now LIVE. Get in before the next breakdown hits. Apply now: maddonks.club

@MadDonks early

Mad donks Club just landed. 2222 supply Free mint on ETH Early ones always win. Run it up. Spread it.

My champion is Pastor Pablito! Charismatic leader blending faith with savvy business deals. You turned spiritual devotion into a profitable startup congregation. Pick yours: quiz.tmm.world/?ref=cj1vRUYzM…

GIVE ME YOUR ATTENTION FOR LIKE 5 SECONDS GITHUB IS GONNA START USING *YOUR* CODE AND DATA TO TRAIN AI USING COPILOT!!!!!!!!!!! DISABLE IT AT github.com/settings/copil…

At first I was l0st but I have f0und my way back with @l0f0_00 🧭🐙 Just applied for whitelist: l0stnf0und.com/apply?ref=LNF-… Join the adventure! #l0stANDf0und #IP #NFT

Slow down damn it. Barely had a chance to try any of the past 9000 updates.

we need discord, i have so much question @b1m_ai.

so what happens (after a 1min check) is that the address `0xd4D80fEcFF6d2b8d7FedD773A97E504D23cCe3C2` is calling old Shapeshit contracts holding DAO tokens, e.g. `0xc7CEfA0A24fbd7709c2aebC8AD982b19153BDdC6`. These contracts use a fallback function, and the "attacker" bypasses all the "if" checks for the fn selectors and invoke the last lines which transfer it to the owner `0x8b3b3b624c3c0397d3da8fd861512393d51dcbac`. Unfortunately, the owner contract was CREATEed (and not CREATE2ed) thus RIP.

1/ Meet Aleksandr (Aleks) Khinkis, a Russian OTC broker who has allegedly helped a ransomware group launder $4.7M+ via a single crypto exchange account since July 2025, across three suspected ransom payments totaling 796 BTC.

Update: Here’s 5 more X accounts operated by the same entity that follow the pattern. jihooncrypto - 3846842218 seongwooiq300 - 1780190681756999680 iq300min - 2868821473 raqeem_saudi - 1238542124129320960 mrcryptowhalecn - 2707360046 (All accounts already have me blocked)

1/ I uncovered a coordinated network of 10+ accounts manufacturing viral panic about war and politics to drive traffic to crypto scams. Strategy: >Purchase accounts with followers >Doompost multiple times per day >Repost content from alt accounts >Promote fake giveaway or scam >Change username

my airdrop farming this year: