JPMK @_JcryPto_
crypto warrior Joined July 2014-
Tweets2K
-
Followers104
-
Following2K
-
Likes2K
LIVE NOW -- Ethereum’s World’s Fair: Devconnect 2025 In Buenos Aires | Nathan Sexer, EF's Head of Events @NathanSexer, lead of the @EFDevcon and @EFDevconnect team at the @ethereumfndn, joins to give us an inside preview of this year's Devconnect 2025 in Buenos Aires. We cover…
2/8 The root cause: LayerZero configuration tampering The attacker deployed a fake Ethereum contract and added it as an unauthorized LayerZero peer - replacing Griffin's legitimate Ethereum endpoint. This fake peer enabled unlimited cross-chain minting on BNB Chain, completely…
Recent npm compromises showed how quickly supply chain attacks spread. 👇These defenses already saved dApps from wallet-draining malware. We put them together in a new blog post so web3 dev teams can apply them today.
Supply chain attack targeting #Web3 Two malicious Rust crates faster_log & async_println found exfiltrating Ethereum & Solana private keys. Combined, the two crates were downloaded 8,424 times and were published on May 25, 2025.
Supply chain attack targeting #Web3 Two malicious Rust crates faster_log & async_println found exfiltrating Ethereum & Solana private keys. Combined, the two crates were downloaded 8,424 times and were published on May 25, 2025.
Evolving NPM Supply Chain Attacks Protect your development and CI/CD environments: ❌ npm i → may pull infected dependencies ✅ npm ci → installs from lockfile, reproducible & safe
Enosys Loans has finished an initial audit by @coinspect with a second audit commencing soon, and is currently in internal testing on Coston 2. Read more here : enosys.global/products/loans Docs can be found here (will be updated with parameters and addresses as we go live):…
The latest NPM malware wave nearly turned into a wallet-draining disaster for Web3. Curve, Lido & others only stayed safe thanks to dependency pinning. Details in our deep dive 👇
The latest NPM malware wave nearly turned into a wallet-draining disaster for Web3. Curve, Lido & others only stayed safe thanks to dependency pinning. Details in our deep dive 👇
Listen to Michael, the affected `debug` NPM package is loaded by Curve's frontend. Six layers deep through indirect dependencies. No one added debug directly, yet the chain still drags it into production. 📌Saved by lockfile.
Listen to Michael, the affected `debug` NPM package is loaded by Curve's frontend. Six layers deep through indirect dependencies. No one added debug directly, yet the chain still drags it into production. 📌Saved by lockfile. https://t.co/VB48WyNRH4
Qix/NPM attack didn't succeed. Some dismissed it, even mocked the attackers, and moved on. That's a mistake. We can't judge these events only by their outcomes. Attacks only get better. What matters is investigating: What the attackers targeted? Why they failed?
✅ Minimize dependencies (depcheck) ✅ 📌Pin exact versions (no ~ or ^) ✅ Lock dependencies (npm ci vs npm i) ✅ Delay and review updates (min age) ✅ Disable install scripts (--ignore-scripts) ✅ Scope internal packages (company/pkg) ✅ Harden CI/CD, GH Actions ❓ ...
1/ Three weeks. Three NPM supply chain attacks. Two targeted cloud and devs to steal secrets. The one that started by phishing Qix went directly after dApp frontends. This payload was built to run inside browsers intercepting wallet transactions. 🫵Targeting you
What a PR github.com/nrwl/nx/pull/3… by @NxDevTools This one was written by AI and introduces a critical PR title injection that could allow anyone to steal their NPM token with a little privesc. How is stuff like this still shipping?
Still tracing the lineage between the S1ngularity attack and the Shai-Hulud virus. Patient zero might overlap. Did it all start from a vibe-coded vuln? 🤔 GH Action vuln exploited 1 day after commit? 🤔
25 years ago I wrote my first exploit (buffer overflow… or was it a format string? 😅). Userland, kernel, embedded across OSes and archs for ~10y Now? Diving into JavaScript internals (the heap spray thing). For exploits? No! hardening, sandboxing. JS is weird but powerful.
npm worm raging, top dApp frontend redeploys… for a SVG change. 📌trust in your version pinning.💪
🚨 Major active supply chain attack just hit npm. Popular package @ctrl/tinycolor was trojanized — and it didn’t stop there. Over 40 packages were silently modified to steal secrets from dev machines & CI pipelines. Our team at Socket caught it. Full report coming soon. Stay…
🚨 Worm-like supply chain attack is unfolding. I warned this was coming and I've been building. Multiple projects: system to incentivize disclosure of risk, monitoring to detect even subtle business logic shifts, client-side protection. Looking for partners + early adopters.
⚠️ Multisigs don’t protect you if you blindly trust a web frontend. It happened again. On Sept 10, a Safe multisig with $3M+ USDC was drained after signing via a compromised @RequestFinance frontend. A successful supply chain attack slipped in a rogue contract approval.
😍 Learn EVM Attacks Explorer
😍 Learn EVM Attacks Explorer https://t.co/0iYNHgx3aL
SelenaMorris @xRq3971X917EI
21 Followers 562 Following
Enosys FAQ @EnosysGlobal_io
154 Followers 457 Following Enosys pioneers research and development in blockchain technology. https://t.co/eBRHit67Eh
LiquidLoans.io Offici... @liquidloansSupp
320 Followers 164 Following 0% Interest-Free #DeFi Borrowing Protocol. Asset Backed Stablecoin. Low 110% Collateral Ratio. No Repayment Schedule. Immutable. Governance-Free. No Admin Keys.
VictoriaGuy @gmPt3Tzbh1ie5s
18 Followers 476 Following
DividendHunter🇺�... @Vwosul540676
61 Followers 2K Following 15-30% Monthly | 2 High-Conviction Stocks.Short-Term Gains: 15-20% in Days/Weeks.DM "JOIN" for WhatsApp Alerts. Live Trade Signals • Market Analysis
Kalis @jaczkal
673 Followers 695 Following tech lead @ackeeblockchain security researcher pursuing phd while touching grass between audits
Cilla @Feemir4507
37 Followers 2K Following Don’t be the girl who needs a man, be the girl a man needs.
Ace 🟠 NFTARMY @6th__account
4K Followers 3K Following Crypto enthusiast | Exploiring hidden gems | Blockchain researcher and always sharing insights. @spaace_io @BTFDRabbits @wardenprotocol
Jane Lipencoott @selimal17148964
39 Followers 381 Following @voltcapital | Prev. Investing @a16z crypto @distributedg@winklovesscap building @horizenglobal | 🇺🇸 crypto since 14 🇭🇰
Donna King @DonnaKing277179
0 Followers 58 Following Weekly selection of high-quality stocks. 30% monthly return rate Free 2-month trial Click the link to join us:https://t.co/82DN1NmbO3
Slalieperw @Slalieperw826
153 Followers 3K Following
Blackie.hl @ManInBlackie
5K Followers 1K Following Building at @ryskfinance | co-author of Mastering Ethereum: 2nd Edition | Former Head of Security at @protofire and Lead Auditor at @hackenclub
Kleke @Kleke701
70 Followers 3K Following
Breekog @Breekog823735
66 Followers 1K Following
Klauto @Klauto53164
17 Followers 492 Following
Arvotooc @Arvotooc84374
37 Followers 838 Following
patricia @patrici55555257
0 Followers 20 Following Professor Chris's team provides cryptocurrency analysis, earning $500 to $5,000 a day, click to join WS: https://t.co/lIdBvNoEuY
Glitch @glitch_txs
538 Followers 499 Following co-author of EIP-6963 | FE at @trustwallet, prev. DevRel at @walletconnect | learning Kazakh language.
Titoo @Titoormgy74
13 Followers 706 Following
Piña🍍 @pinalikefruit
534 Followers 392 Following Blockchain Security Researcher. Steward @_SEAL_Org . Tweets are my own opinion. Building in public.
Yesenia @bencomoyesenia2
243 Followers 3K Following
Web3 Engineering @w3e_uk
2K Followers 2K Following Onchain Divers Solana Validator | Access real-time txs data with our Indexer! | https://t.co/2S18zfHNPj - perfect tool for testing transactions | soon @solprojj
Muhammad Junaeid @MmJunaeid
216 Followers 1K Following Sharing insights on AI, Books, Entrepreneurship
Carol @hanlin_carol61
268 Followers 3K Following
Edna @edna_slack28
251 Followers 3K Following
Christy @s_christy74
265 Followers 3K Following
Yolanda @d_yolanda18
253 Followers 3K Following
Veronica @demottveronica4
267 Followers 3K Following
Delores @d_jones59
293 Followers 3K Following
amlug.eth @realamlug
2K Followers 3K Following Building web3 ! Jesus lover ! husband ! dad of 3 boys ! $ETH Maxi
Franco Riccobaldi @friccobaldi
156 Followers 167 Following
Wanda @finch_wanda84
225 Followers 3K Following
Shirley @shirley28robert
446 Followers 3K Following
PLUGCALLS @cheetah_nation
494 Followers 4K Following PLUG HERE TO MAKE YOU RICH DM for business /TO GET RICH DM JOIN THE COMMUNITY https://t.co/hS6s9N49hB
Meir Dolev @Meir_Dv
437 Followers 466 Following Founder & CTO https://t.co/WOFlLMN54I | Web3 Security Expert
katana ⚔️ @katana
299K Followers 531 Following a defi chain forged to bring dead bags to life via deep liquidity & real yield built by katana foundation, incubated by @0xpolygon x @gsr_io.
vx-underground @vxunderground
377K Followers 294 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Young Kim Supports �... @the_lgbtrash
212 Followers 475 Following 🇵🇸🇨🇳🇰🇵🇻🇳🇨🇺 Down with apartheid Israel. Long live the PRC and the DPRK. Stalin appreciation account. Homosexual.
Tib3rius @0xTib3rius
69K Followers 596 Following Cybersecurity Content Creator | UwU-Anointed Wapp King | DEF CON Gameshow Host | Ex-Brit | https://t.co/04RRExvxXj (he/him) 🇺🇸 A deeply unserious person.
Adnan Khan @adnanthekhan
3K Followers 209 Following Security Engineer | Part Time Security Researcher | Build Pipeline Menace | All thoughts and opinions are my own | 🍉
Feross @feross
29K Followers 2K Following ⚡️ Founder + CEO @SocketSecurity (https://t.co/7g1opA8rgG) • 🌲 Visiting lecturer @Stanford (https://t.co/yw9prxLQAM) • ❤️ Open source @WebTorrentApp + @StandardJS
Ēnosys @enosys_global
106K Followers 86 Following Ēnosys pioneers research and development in blockchain technology. https://t.co/zj9YMNb3wX
Flare Devs @FlareDevHub
3K Followers 110 Following Native data, fast finality, robust SDKs—plus upcoming TEE compute. Flare is the interoperable EVM stack for devs who want to build once and run everywhere ☀️
bitcoin++ @btcplusplus
12K Followers 2K Following bitcoin++ is the frontier of bitcoin. join us at our technical conferences for in-depth lectures, hands-on workshops, and competitive hackathons.
Victor Tran @vutran54
11K Followers 237 Following CEO/Co-Founder of @KyberNetwork and https://t.co/wnmQBXScCW - Builder, I'm more OG than you can imagine.
Wake @WakeFramework
1K Followers 147 Following Ship secure code and find vulnerabilities using Solidity's fastest fuzzing and integration testing framework for @Ethereum. by @AckeeBlockchain
zak.eth @0xzak
17K Followers 861 Following 🏴☠️ security researcher and web3 engineer, 📈 serving ETH holders @ethcforg, 🏊♀️ cofounder @0xbowio, 📖 EIP-6968 author @ethereum, 🇺🇸 NJP recipient @USMC
@levelsio @levelsio
734K Followers 2K Following 💸https://t.co/sQ0aiU7v02 $336K/m 📸https://t.co/lAyoqmSBRX $150K/m 🛰https://t.co/ZHSvI2wjyW $33K/m 🏡https://t.co/1oqUgfD6CZ $30K/m 🌍https://t.co/UXK5AFqCaQ $7K/m 👙https://t.co/RyXpqGuFM3 $14K/m 💾https://t.co/M1hEUBAynC $6K/m
Bluwhale AI @bluwhaleai
244K Followers 115 Following Web3’s Intelligence Layer (L3) 🇺🇸 - The Fastest Growing AI Network Powered By YOU, Unlocking The Future of AI Agents With $BLUAI & $BLUP
MoveBit @MoveBit_
17K Followers 317 Following Sub-brand of @0xbitslab. A security team focused on the Move ecosystem, building the standard and delivering security audits for the Move ecosystem.
BitsLab @0xbitslab
2K Followers 63 Following Securing and Building EMERGING Web3 Ecosystems ☂️ @MoveBit_ | @ScaleBit_ | @TonBit_
Zenith @zenith256
2K Followers 2 Following Zenith assembles auditors with proven track records to secure your project. We find the critical bugs now—freeing you to launch this week—not next month.
Mindzi.ink π² ⌘ @MindziOX
428 Followers 1K Following Content Creator 🇻🇳 | #NFT 🚀| #Memecoin 💰| #SocialFi | #Web3 Gaming 🎮 Plume Goon
Ace 🟠 NFTARMY @6th__account
4K Followers 3K Following Crypto enthusiast | Exploiring hidden gems | Blockchain researcher and always sharing insights. @spaace_io @BTFDRabbits @wardenprotocol
α𝗄𝗋 @akrWeb3
27K Followers 22K Following Web3 KOL | X Creator | Co-Lead @Solnftfinder | Personal signal ≠ financial gospel 🔍 DYOR
Zone @zone_web3
24K Followers 6 Following The web3 community where you can discover future technologies. Best place for blockchain enthusiasts
Okan @okanaksoy54
17K Followers 5K Following Founder of @zone_web3 | Community Lead @SeiNetwork | Ambassador @Glider_fi | Quackers @wallchain_xyz | Researcher
Billions @billions_ntwk
568K Followers 50 Following The Human and AI Network. 👤 Join: https://t.co/OFNmUW1S3L 💬 Community: https://t.co/R3vtB8wtI5
Portal @PortaltoBitcoin
473K Followers 1K Following The only custodyless Bitcoin cross-chain infrastructure. Swap BTC, ETH, SOL, L1/L2. Backed by @CBVENTURES & @OKX. Portal's Utility token $PTB now live.
Aashir_ @Aashir_beyg
2K Followers 547 Following Crypto,Crypto Enthusiast,Web3,Defi,NFT, Social Activist.
Luminite @luminite_wallet
2K Followers 23 Following ⚡ Instant Wallet. Cross-Chain Swaps. Real Yield. 🔑 No Seedphrase. Just Tap In. Built by @SparkDEXAI | Powered by @FlareNetworks Tech.
Ga^3in Ventures @GainVentures
11K Followers 403 Following Web3 + AI fund from @DukeAlumni and @DukeGEN ecosystems | Pitch to get funded: https://t.co/YDshZfgHzX
CapyFi @CapyFi_Protocol
170 Followers 295 Following Generá rendimientos, pedí préstamos y controlá tus fondos cuando quieras y sin intermediarios. Transformando DeFi en LATAM 🌐
Jane Lippencott @janehk
27K Followers 8K Following @voltcapital | prev. investing @a16z crypto @distributedg @winklevosscap building @horizenglobal | 🇺🇸 crypto since '14 🇭🇰
Alice Henshaw @hensha256
3K Followers 469 Following protocol eng @Uniswap, previously breaking code @OpenZeppelin
deebeez @deeberiroz
1K Followers 409 Following Security researcher, Solidity developer, auditor, autistor, researchoooor @VennBuild
shung 🇵🇸 @shunduquar
3K Followers 793 Following opinions neither my own nor my employers' security researcher @openzeppelin advanced solidity instructor @rareskills_io
Three Sigma | Web3 Se... @threesigmaxyz
14K Followers 199 Following $7B+ Secured 🛡️ Smart Contract Security & Economic Audits Trusted by Maple, Uniswap FND, Arbitrum FND, ZKsync, Liquity & more. Book an audit: https://t.co/DbqBkKszkr
Dr. Z @dr_zircuit
82K Followers 147 Following 💻 Technical lead and 🛠️ co-founding contributor at @ZircuitL2. Maybe also a cat 🐈
Zenity @zenitysec
847 Followers 52 Following Zenity is the first security and governance platform purpose-built for AI agents - spanning SaaS, Cloud, and Endpoint
Michael Bargury @mbrg0
9K Followers 490 Following Breaking AI. Hacked Copilot, hijacked ChatGPT. Building @zenitysec.
Michael Svoboda @svobodamichael
1K Followers 818 Following CEO, Liquity AG. 100% DeFi-native borrowing and stablecoins with @LiquityProtocol V1 & V2.
count-sum @_count_sum
81 Followers 632 Following Smart contract developer | Web3 security researcher | Ex-Consensys | Ex-Solana Validator
Yoni @YoniKesel
566 Followers 2K Following The future is onchain | Ex- @chaos_labs @Amazon | contributor @eoracle_network
Weilin (William) Li @hklst4r
1K Followers 405 Following PhD student @ucl | Alumni @ustc | NFA. all posts are totally my personal opinions | do not offer security services.
Michael Nadeau | The ... @JustDeauIt
13K Followers 479 Following Founder @ The DeFi Report | Research, Market Insights, and Onchain Data: https://t.co/xa8A2CcHq8Trends for United States
You might like
