Our founder Alexey speaking today the first time publicly about safety of Web3 Applications at Linea Voyage Waypoint in Munich. Exciting times ahead 🚀

🚀 OnChainTrust has been accepted into Gitcoin Grants Round 20 🚀 Support us by visiting our page on Gitcoin. Every bit of support helps us make Web3 a safer space! explorer.gitcoin.co/#/round/42161/… Gitcoin #GG20 #Gitcoin #GitcoinGrants20 #GitcoinGrants

🚨 URGENT: The Compound Labs website (compound[.]finance) has been compromised. Please do not visit the website or clink any links until further notice. An update will be provided when available. This is our final message // end of tweet. 🚨

We just learned that dYdX v3 website (dYdX . exchange) has been compromised. Please do not visit the website or click any links until further notice. An update will be provided when available. This message does not relate to dYdX v4.

The Ethena domain registrar account was recently compromised and we have taken steps to deactivate the site until further notice. The protocol is unaffected and funds are safe. Please do not interact with any site or application purporting to be the Ethena frontend.

On Oct 30, 9:12 PM - 11:22 PM CET, 1inch dApp users may have encountered a malicious wallet connect and signature request. This signature allows an attacker to drain user's funds. Only the 1inch web dApp was affected; the 1inch Wallet, API, and protocols were never compromised.

x.com/i/article/1894…

🚨 There’s a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised. The affected packages have already been downloaded over 1 billion times, meaning the entire JavaScript ecosystem may be at risk. The malicious payload works

HACKERS HIJACK NPM PACKAGES IN WHAT IS BEING CALLED THE LARGEST SUPPLY CHAIN ATTACK IN HISTORY IF YOU USE A HARDWARE WALLET, PAY ATTENTION TO EVERY TRANSACTION BEFORE SIGNING IF YOU DON'T USE A HARDWARE WALLET, REFRAIN FROM MAKING ANY ON-CHAIN TRANSACTIONS FOR NOW:

This time, several old system JS packages were attacked – debug (357M installations per week) and chalk (299M installations per week), along with a bunch of others, through a Git hack of one of the previous maintainers. You can read the full report here (github.com/debug-js/debug… )

We’re actively investigating a frontend compromise. Please do not access the site through any URL — primary domain or decentralized mirrors — until we confirm everything is safe. All smart contracts appear secure. Updates soon.