We have released `Lighthouse v7.0.0` which supports the Pectra upgrade on Ethereum mainnet that will land on May 7, 2025. Let's dive in to the changes!

Today’s bug in rsETH minted a cool $31,220,047,901,664,100,000 to the Kelp Treasury as a protocol fee. A rewrite of the protocol fee calculations did not take into account that the code was using 1e36 based numbers for the assets. Here’s the details: 🧵 1/6

Office hours with Vyper is happening in a little over 2 hours. Get ready for another compiler deep dive where we will explore: - Venom IR (intermediate representation) - Optimization strategies - Security guarantees Invite in the reply.

The latest update to YEET includes a minimal Farcaster integration so you can start building mini apps straight from your project. This implementation uses only the frames.js library and vanilla nextjs code to reduce dependencies on any third-parties and SDKs. In future

Twitter of Curve Finance seens to be hacked - be careful!

Hackers almost gained god-like access on Solana, with the power to mint unlimited tokens or drain funds from any wallet. The bug was fixed quietly, but it exposed some serious flaws in the system.

anyone else excited to add email address recovery to *any* eoa?

The Zunami protocol has been hacked — the collateral for zunUSD & zunETH has been stolen. We are currently investigating the situation.

Zunami Protocol reports it has been hacked and the collateral for zunUSD and zunETH has been stolen

Ugh I wish someone would make a video on incremental Merkle trees🤔 I was trying to understand how ZKsync (∎, ∆), Tornado Cash and other fun ZK stuff worked and it’s just so flipping confusing Oh wait a minute! I just made one 😁 INCREMENTAL MERKLE TREES EXPLAINED!!! 🌳🩷

Yaniv Tal speaking at ETHGlobal Pragma Prague about Growing the Infinite Garden with Knowledge Geo The Graph Yaniv Tal Photo credit: Benjamin Arthur

BlockThreat - Week 23, 2025 💙 Sponsored by Coinspect Security 💸 ALEX 🟧 No. 1 Bitcoin DeFi $14M compromise on Stacks 🏦 BitoGroup 幣託集團 admits an $11.5M hack. 👮 French crypto extortion gang leader arrested 🤡 Libra investigation against Milei dropped newsletter.blockthreat.io/p/blockthreat-…

😔💔 I’m Roman Storm. I poured my soul into Tornado Cash—software that’s non-custodial, trustless, permissionless, immutable, unstoppable. In 31 days, I face trial. The DOJ wants to bury DeFi, saying I should’ve controlled it, added KYC, never built it. SDNY is trying to crush

Israeli hackers exploited an Iranian exchange and straight up burned all the $80M exploited to vanity addresses like "TKFuckiRGCTerroristsNoBiTEXy2r7mNX" That's some hall of fame hating right there h/t ZachXBT

Day 440 since the Samourai Wallet developers were indicted, raided, & arrested. Non-custodial wallets are not money transmitters. CoinJoins are not money laundering. Drop the charges. Stop the lawfare. Details: freesamourai.com Support: p2prights.org/donate.html

Looks like GMX was exploited for $40m

🚨 A high-severity flaw in Cursor AI (CVE-2025-54136) let attackers hijack trusted MCP configs—triggering remote code execution every time you opened the project. No re-prompt. No warning. Just silent compromise by modifying a config file you already trusted. Learn more →

I've been in crypto for over 10 years and I’ve Never been hacked. Perfect OpSec record. Yesterday, my wallet was drained by a malicious Cursor extension for the first time. If it can happen to me, it can happen to you. Here’s a full breakdown. 🧵👇

New malicious extension in Open VSX using the same pattern. Uploads to the marketplace as a test extension and then updates to include a new file which decodes to execute from a Cloudflare worker. Diff shown below for the file `prompt.js` nomic-foundation.hardhat-solidity

How Meme's hacked high value individuals trading memecoins : CVE-2025-43300 exploits of high net worth individuals like orangie thread 🧵 CVE-2025-43300 is a zero-day vulnerability in Apple's ImageIO framework, which is responsible for processing and rendering image files