β‘οΈShibarium paused after an exploit where fake data hit its ETH-linked contracts.
Team says bridge restart + user refunds next.
Lesson: cross-chain inputs must be attested & rate limited, not just parsed.
#BlockchainSecurity
Source: The Block π
https://theblock.co/post/373368/shiba-inu-shibarium-preps-bridge-restart-plans-user-refunds-after-4-million-exploit
Team says bridge restart + user refunds next.
Lesson: cross-chain inputs must be attested & rate limited, not just parsed.
#BlockchainSecurity
Source: The Block π
https://theblock.co/post/373368/shiba-inu-shibarium-preps-bridge-restart-plans-user-refunds-after-4-million-exploit
β€7π2π₯2π1
β‘οΈA Hyperliquid user just lost $21M after a private key compromise. Funds were bridged out within minutes.
π«οΈLesson: rotate keys, segment risk, and monitor for abnormal approvals.
β‘οΈSource: CoinDesk / Yahoo Finance / The Block
https://coindesk.com/business/2025/10/10/usd21m-crypto-theft-on-hyperliquid-tied-to-private-key-leak-peckshield
https://sg.finance.yahoo.com/news/21m-crypto-theft-hyperliquid-tied-133841170.html
https://theblock.co/post/374145/21-million-stolen-from-hyperliquid-user-after-apparent-private-key-compromise-peckshield
π«οΈLesson: rotate keys, segment risk, and monitor for abnormal approvals.
β‘οΈSource: CoinDesk / Yahoo Finance / The Block
https://coindesk.com/business/2025/10/10/usd21m-crypto-theft-on-hyperliquid-tied-to-private-key-leak-peckshield
https://sg.finance.yahoo.com/news/21m-crypto-theft-hyperliquid-tied-133841170.html
https://theblock.co/post/374145/21-million-stolen-from-hyperliquid-user-after-apparent-private-key-compromise-peckshield
π3β€2π₯1π1
β‘οΈAnalysts say yesterdayβs crypto crash likely under-reported liquidations β some APIs captured just ~5% of real flow.
β‘οΈThatβs how you get β$19β40Bβ headlines while $300β400B vanishes.
π«οΈLesson for builders: audit β enough. Add stress tests, circuit-breakers, withdrawal delays, and live anomaly alerts.
β‘οΈSources:
https://thestreet.com/crypto/trading/analyst-warns-market-crash-wiped-out-400b
https://telegraph.co.uk/business/2025/10/11/markets-chaos-trump-triggers-record-crypto-crash/
https://forbes.com/sites/digital-assets/2025/10/12/trump-surprise-triggers-huge-crypto-flash-crash-as-traders-brace-for-bitcoin-ethereum-xrp-bnb-and-solana-price-wipeout/
β‘οΈThatβs how you get β$19β40Bβ headlines while $300β400B vanishes.
π«οΈLesson for builders: audit β enough. Add stress tests, circuit-breakers, withdrawal delays, and live anomaly alerts.
β‘οΈSources:
https://thestreet.com/crypto/trading/analyst-warns-market-crash-wiped-out-400b
https://telegraph.co.uk/business/2025/10/11/markets-chaos-trump-triggers-record-crypto-crash/
https://forbes.com/sites/digital-assets/2025/10/12/trump-surprise-triggers-huge-crypto-flash-crash-as-traders-brace-for-bitcoin-ethereum-xrp-bnb-and-solana-price-wipeout/
β€3π₯3π2π1
β‘οΈAstra Nova ($RVV) says a third-party market-maker account was compromised rapid dumps sent the token down ~70%.
π«οΈLesson for teams: third-party keys = blast radius. Enforce withdrawal policies, signer separation, and real-time off-exchange monitoring.
Source:
https://www.edgen.tech/news/crypto/astra-novas-third-party-market-maker-account-hacked-rvv-token-plunges-70
π«οΈLesson for teams: third-party keys = blast radius. Enforce withdrawal policies, signer separation, and real-time off-exchange monitoring.
Source:
https://www.edgen.tech/news/crypto/astra-novas-third-party-market-maker-account-hacked-rvv-token-plunges-70
π3π₯2π1π1
β‘οΈMajor AWS outage disrupted multiple apps (incl. crypto platforms). No clear evidence of a cyberattack so far, still a wake-up call on single-cloud blast radius.
π«οΈAction: multi-region failover, cloud-agnostic runbooks, status-page decoupling.
#AWS
Sources: Economic Times & Coinpedia
https://economictimes.indiatimes.com/news/international/us/amazon-robinhood-snapchat-cloud-crash-cyberattack-today-aws-outage-explained-did-china-just-bring-amazon-down-along-with-robinhood-snapchat-what-happened-heres-what-experts-are-saying/articleshow/124702482.cms
https://coinpedia.org/news/chinas-cyberattack-claim-aws-outage-rock-the-internet-coinbase-among-platforms-hit/
π«οΈAction: multi-region failover, cloud-agnostic runbooks, status-page decoupling.
#AWS
Sources: Economic Times & Coinpedia
https://economictimes.indiatimes.com/news/international/us/amazon-robinhood-snapchat-cloud-crash-cyberattack-today-aws-outage-explained-did-china-just-bring-amazon-down-along-with-robinhood-snapchat-what-happened-heres-what-experts-are-saying/articleshow/124702482.cms
https://coinpedia.org/news/chinas-cyberattack-claim-aws-outage-rock-the-internet-coinbase-among-platforms-hit/
π3β€1π₯1π1
β‘οΈ$3M in XRP stolen: the user imported a hardware-wallet seed into a mobile app, turning βcoldβ storage into hot without realizing.
π«οΈDo now: separate cold/hot seeds, add a BIP39 passphrase, enforce withdrawal delays & anomaly alerts.
Source: CoinDesk
https://coindesk.com/tech/2025/10/19/xrp-investor-says-usd3m-in-xrp-was-stolen-cold-wallet-maker-says-seed-import-made-wallet-hot
π«οΈDo now: separate cold/hot seeds, add a BIP39 passphrase, enforce withdrawal delays & anomaly alerts.
Source: CoinDesk
https://coindesk.com/tech/2025/10/19/xrp-investor-says-usd3m-in-xrp-was-stolen-cold-wallet-maker-says-seed-import-made-wallet-hot
π3β€1π₯1π1
β‘οΈRoughly 15,959 BTC (~$1.8 billion) linked to the 2020 LuBian mining pool hack has just been moved across four wallets in what appears to be a coordinated transaction.
β‘οΈWhen dormant hack funds of this scale start moving, itβs a stress test for every exchange risk engine, chain analytics platform, and AML pipeline out there.
π«οΈStay sharp, monitor flows, and verify counterparties.
β‘οΈWhen dormant hack funds of this scale start moving, itβs a stress test for every exchange risk engine, chain analytics platform, and AML pipeline out there.
π«οΈStay sharp, monitor flows, and verify counterparties.
π₯4π2β€1π1
β‘οΈGarden Finance suffered a multi-chain exploit: the attacker drained up to ~$10M across Arbitrum, Solana and more, and SEED dropped >60% within minutes.
β‘οΈThe team is offering a 10% βwhite hat bountyβ and asking for the funds back. Bridges remain DeFiβs softest attack surface.
β‘οΈThe team is offering a 10% βwhite hat bountyβ and asking for the funds back. Bridges remain DeFiβs softest attack surface.
β€3π1π₯1π₯°1
β‘οΈBalancer exploited across multiple chains. Latest estimates range $110Mβ$128M drained, mostly WETH / osETH / wstETH from affected pools; some forks also paused. Incident appears centered on v2-style pool mechanics.
π«οΈImmediate actions: enable per-pool pause/guardians, raise LST wrapper limits, add withdrawal delays, and monitor cross-chain vault flows in real time.
π«οΈImmediate actions: enable per-pool pause/guardians, raise LST wrapper limits, add withdrawal delays, and monitor cross-chain vault flows in real time.
π3π₯2β€1π1π1
China vs. U.S. over the LuBian BTC heist. Chinaβs CVERC alleges the U.S. βorchestratedβ the 2020 hack that drained 127,000 BTC (~$13B) from LuBian; U.S. narratives frame it as a lawful seizure tied to criminal probes.
Takeaway for builders: custody trails matter. Tag & trace treasury UTXOs, document funding provenance, and design incident-response playbooks for law-enforcement holds vs. criminal theft scenarios.
Takeaway for builders: custody trails matter. Tag & trace treasury UTXOs, document funding provenance, and design incident-response playbooks for law-enforcement holds vs. criminal theft scenarios.
β€2π2π₯2π1
π‘οΈExciting news!
Solidrate has successfully concluded the DEX audit for
@kedolik_swap
β Report: https://github.com/solidrate/audits/blob/main/kedolik-swap-audit-report.pdf
Solidrate has successfully concluded the DEX audit for
@kedolik_swap
β Report: https://github.com/solidrate/audits/blob/main/kedolik-swap-audit-report.pdf
π3π₯1π₯°1π1