Bythos

1/ UraniumFinance UPDATE: From on-chain I noticed that Uranium dev has connected with GarudaSwap dev (which got exploited to 0 as well). And Github info shows that one of GarudaSwap's devs is wesoha, who is the Meycoin's dev and employed by meeyland.com

@TycheKong nice names of those tokens

Power by SlowMist AI 👇 **【攻击概览】** - 攻击类型：访问控制缺失（Missing Access Control）导致 LP 池代币被恶意 burn，造成 AMM 价格极端失真后套利 - 受害合约：ShiMama/Shibaba LP 池（`0x564cb2bae0b35cfc8c77d94d65015fe898f8f927`） - 攻击者地址：`0xd10880e7591e30a336b28a5855f0ccb4b8c7c8e9`（EOA） - 攻击合约：`0xcf7380462b7ca3e9f1717d17372eb093bf87f8d5`（在本次交易中动态部署） - 获利金额：约 **52.98 WBNB**（净获利，已扣除 30.78 shimama 代币成本和 gas） --- **【漏洞根本原因】** 合约：`ShiMamaProtocol`（`0x5049d10378356fde0b44c93fa7bb75836f10b49a`） 函数：`executePairBurn(uint256 referenceIn, uint256 minPullFromPair, uint256 deadline)` 缺陷：该函数缺少任何形式的访问控制，任意外部地址均可调用。攻击者可以传入任意大小的 `referenceIn` 参数，配合 `pairBurnBpOnSell = 10000`（100% burn 比例），一次性将 LP 池中几乎全部 shimama 代币强制抽取并 burn 掉，导致 LP 池中 shimama 余额接近于零，AMM 定价机制随之产生极度失真——用极少量 shimama 即可从池中换出大量 shibaba 代币套利。

what is this? etherscan.io/tx/0xaf1876111…

@zksecurityXYZ bitcointalk.org/index.php?topi…

The first two known exploits against live ZK circuits just happened, and they weren't subtle underconstrained bugs. They were Groth16 verifiers deployed without completing the trusted setup ceremony. One was white-hat rescued for ~$1.5M, the other drained for 5 ETH. 🧵

interesting bitcointalk.org/index.php?topi…

@AnthropicAI lmao gemini is better anyway

We’ve identified industrial-scale distillation attacks on our models by DeepSeek, Moonshot AI, and MiniMax. These labs created over 24,000 fraudulent accounts and generated over 16 million exchanges with Claude, extracting its capabilities to train and improve their own models.

The darkdao nightmare just flashed back? etherscan.io/address/0xd981… @VitalikButerin

So looks like a compromised private key from this tx: basescan.org/tx/0x1dd7c101c… @meta_alchemist @SeedifyFund, but still be careful of the mev bot who still got a large supply of the token from basescan.org/tx/0x3c1198b55….

thoughts? bscscan.com/tx/0x033c905e4…

also unichain: uniscan.xyz/tx/0x4776f3115…

rug? bscscan.com/tx/0x422cf6e40…

@Equilibriafi etherscan.io/tx/0x185a16017…

@hklst4r I meant looks a back door?

@bbbb yeah, should call it poorly-protected 😇

Another uniswap V3 unprotected callback hack. base chain: 0x6be0c4b5414883a933639c136971026977df4737b061f864a4a04e4bd7f07106