April 1, 2025
Synthetics Implemented Right @leveragesir has been hacked for $355k
— Decurity (@DecurityHQ) March 30, 2025
This is a clever attack. In the vulnerable contract Vault (https://t.co/RycDbFY5Xq) there is a uniswapV3SwapCallback function that uses transient storage to verify the caller. Specifically, it loads an address… pic.twitter.com/u6PhksPV31
I just released our kernelCTF VSock 0-day write-up with @_qwerty_po . (exp196/exp197, CVE-2024-50264) https://t.co/8UpGrVcDFF
— V4bel (@v4bel) December 19, 2024
We made history by being the first to exploit VSock in kernelCTF, expanding its known attack vectors. 🥳
It’s a pretty *simple* race condition, right? pic.twitter.com/P31X6c8vi0
BTW, This is a variant of CVE-2021-26708: https://t.co/d7Q0SaBHeQ
— V4bel (@v4bel) December 19, 2024
It was the first vuln analyzed after joining the company two years ago. Back then, I knew vvs still ended up as a dangling ptr even after the vuln was patched, but only recently succeeded in triggering the UAF. 🥲

The demoscene as a UNESCO heritage in Sweden | GOTO8O
The demoscene has become a national UNESCO-heritage in Sweden, thanks to an application that Ziphoid and I did last year. This has already happened in several European countries, as part of the international Art of Coding initiative to make the demoscene a global UNESCO heritage. I think this makes
Counter-terror chief: Espionage in Britain at its worst since Cold War https://t.co/5zfdqdFJSp via @MailOnline
— Dr. Dan Lomas (@Sandbagger_01) March 31, 2025
Russian PMCs engage in a range of operations, from political influence to direct combat. In this piece, we explore the role of technology in PMC evolution and what this may reveal about future development - and their role in Russian foreign policy. https://t.co/3TcnQAsZAb
— Cyber Statecraft (@CyberStatecraft) March 31, 2025

Hackers, Hoodies, and Helmets: Technology and the changing face of Russian private military contractors - Atlantic Council
This issue brief explores the technological capabilities of Russian private military companies and how they are used across various types of missions in support of and in parallel with Russian policy.
The @zkLend exploiter mistakenly clicked on a phishing site while attempting to use Tornado Cash, resulting in the loss of 2,930 ETH.🤣
— MistTrack🕵️ (@MistTrack_io) April 1, 2025
❌ Fake: tornadoeth[.]cash
✅ Real: @TornadoCash https://t.co/8ovmoT9W00
Lmaooo pic.twitter.com/D753e9QrEc
— Vladimir S. | Officer's Notes (@officer_cia) March 31, 2025
Although…
🚨🚨I found something interesting. The person who stole zklend and the phishing website imitating TornadoCash may be the same person. @zkLend @officer_cia @im23pds
— TornadoCashBot (@TornadoCashBot) April 1, 2025
1. The ENS safe-relayer.eth has been marked on etherscan. We can track it through the transfer records of this ENS pic.twitter.com/0M33MNGBl9
The craziest file I made & visualized recently was combining the Doom PDF with a DOS & Windows (EXE & PE) polyglot.
— Ange (@angealbertini) April 1, 2025
It runs Doom on OS from 1993 until today, and Chrome-based PDF viewers!
You can make it an HTML/JS polyglot too to run on most browsers! (3/3) pic.twitter.com/f1kjGWRKDR
Steve Herman: "Voice of America’s "affiliate partner stations th…" - Journa.host
Voice of America’s "affiliate partner stations that need to fill air and screen time are already lining up programs from the international broadcasting services of Russia and China to replace American programming.” - Former VOA Director Geoffrey Cowan https://www.marinij.com/2025/03/31/california-voice-under-trump-voice-of-america-radio-has-fallen-silent/
Anatomy of an LLM RCE
https://www.cyberark.com/resources/all-blog-posts/anatomy-of-an-llm-rce
By leveraging Microsoft Security Copilot to expedite the discovery process, Microsoft Threat Intelligence uncovered vulnerabilities in multiple open-source bootloaders, impacting all operating systems relying on UEFI Secure Boot as well as IoT devices. https://t.co/5HB3YV3Igk
— Microsoft Threat Intelligence (@MsftSecIntel) March 31, 2025