Step 1-2 takes 6-12 months if you're serious. Actually understand EVM internals, common vulnerabilities, and can read production codebases fluently. Most people quit here because it's harder than YouTube made it seem. Step 3 is where 90% wash out. Contest leaderboards are

1/ Introducing The Mentorship Series 0xsimao.com/blog/introduci… I’m personally mentoring a small, hand-picked group of auditors in 2026. 1st announced tmr. 3 months of 1-on-1 mentoring with me each. Targets: 0 → 4 figures 4 → 5 figures Step 1: Like and repost this post.

🚨ALERT: Critial Severity Vulnerability found in React Update your React Server Components to 19.0.01, 19.1.2 or 19.2.1 versions IMMEDIATELY🔔 react.dev/blog/2025/12/0…

Solidity v0.8.31 is out! ✨ This latest version makes Osaka the default target for the compiler, extends storage layout specifiers, brings new deprecation warnings, Linux ARM builds, and more! Highlights in the thread! ↓🧵

NEW: Solidity Version 0.8.31 is OUT! Virtual modifiers and usage of `send` and `transfer` methods of `address` type variables now give you a deprecation warning (good stuff). No Critical Severity vulnerabilities found/fixed here🫡

KARATE COMBAT 58 | LIVE | ALVEY VS DESPAIGNE x.com/i/broadcasts/1…

KARATE COMBAT 58 | LIVE | ALVEY VS DESPAIGNE x.com/i/broadcasts/1…

I made $600k USDC in ~20 months of doing solo smart contract security audits ('23-'24) It all started when I was reading the Uniswap V2/V3 docs. I saw some whitehat (now OG in the space, samczsun) had done a "solo" audit for them. I was like "what? Solo audit? How good must

multiple fight announcements coming that will break the internet 😊 $karate combat

🎄Christmas riddle: how well do you understand the EVM, assembly and `mstore`? Find the vulnerability in this assembly code and post your solutuion below. Taken from a recent High Severity vulnerability finding from our experts in Pashov Audit Group. Happy Ho-ho-holidays🎅

Why most people fail to become auditors: 1⃣ They start with Solidity tutorials. Wrong. Start with reading exploit post-mortems: - Ronin bridge ($625M) - Poly Network ($611M) - BNB bridge ($586M) See what broke. Then learn why the code allowed it. Context before syntax. 2⃣

please don’t make fun of children today on christmas for believing in santa i know fully-grown adults who believe autonomous AI agents will takeover the web3 security industry

visited 6 countries promoted to senior software engineer won a global award in the UAE built Quran Unlock over the weekends: 100k+ users in 40 days Alhamdulillah 🤲

Become an absolute Web3 Security beast in 2026!! Resources: 1. Owen Thurm - Web3 Security 101 playlist (Youtube) 2. Past audit reports - solodit.xyz 3. DeFi bible - github.com/OffcierCia/ult… 4. Books & Blog - rareskills.io/blog 5. Use AI to your advantage

10-Weeks web3 security Mentorship Today is the day Course Outline: docs.google.com/document/d/10V… Application Form: docs.google.com/forms/d/e/1FAI… 50 Slots only. First Come First Served.

If you have 0 vulnerability ideas You must "fuel" yourself. Good approach is to look sideways. • Pull up a similar protocol. • Find the same function. • Analyse the difference. Don't stare at one codebase hoping for inspiration. Reason wider. Research wider.

As promised, The first 12 registrants of our 10-weeks web3 security mentorship have either gotten a telegram link in their DM or I added them to the group. @Dyslexic 0xKitetsu.eth | For Hire Emmar Wonder sagar (security arc) Naksh Red Rose rasenrhino han 🛡️ nikos Ayush Srivastava

Members of the mentorship that were removed from group after we added topics should dm me to be re-added.

It’s terrifying how easily history repeats itself in Web3. I was looking at the code for the Ronin and Wormhole hacks recently. Different names, different chains, but the exact same human errors. That realization changed how I ran my mentorship today. I threw out the