peakbolt (@peak_bolt)'s Twitter Profile

Web3 Security Researcher
| #2 on Code4rena 90-days leaderboard (in Dec 23)
| @PashovAuditGrp Auditor, @code4rena Zenith Researcher

ID: 1502989460601901057

https://code4rena.com/@peakbolt
13-03-2022 12:47:28

855 Tweets

1,1K Followers

380 Following

peakbolt (@peak_bolt)

Don't waste too much time hunting Medium bugs on Immunefi. Projects can easily downgrade it. I learnt that from my submission. If the Med bug was not spotted after being live for some time, then it's likely a small edge case that has low likelihood of affecting users.

peakbolt (@peak_bolt)

What makes one more suited to be a bug bounty hunter than an auditor? And vice versa? I'm inclined to believe there are some underlying factors that determine it even though both have overlapping skill sets.

peakbolt (@peak_bolt)

Thanks to Pashov Audit Group, which gives me opportunities to perform team audits on interesting projects with talented auditors and learn from them! Here's an audit report we did recently.

deadrosesxyz (@deadrosesxyz)

To every SR spreading FUD about contests not getting enough coverage next couple of weeks. I invite every single one of you to prove your claim and catch solo highs. If you can't do it, respectfully, shut up and stop spreading FUD.

peakbolt (@peak_bolt)

Listen in to my recent talk on OpenSense ₿, where I shared my personal insights on how I levelled up my auditing skills and improved my performance within a few months!

peakbolt (@peak_bolt)

The one tool I cannot live without is Solidity Visual Developer by tintinweb. Definitely at least 2X my auditing speed with it. Thanks tintinweb!

0xDjango (@0xdjangoonchain)

In November, I submitted a critical bug to Cronos (Cronos) which they downplayed and have since been kicked off Immunefi. Here's some info about the bug and an example of how projects can simply not pay a fair amount. Report: gist.github.com/fatherGoose1/6… tl;dr: - It's a

peakbolt (@peak_bolt)

Excellent point by cergyk. Also, we as SRs need to understand that audit firms and contest platforms complement each other in the same way. It's not a zero-sum game.

Code4rena (@code4rena)

Introducing Code4rena Pro League 🏆 ⭐ All-star auditors 🔒 Custom security services 🥇 The best security talent including cmichel, samczsun, cccz, 0x52, winnie, obront | eth/acc, and more! Read more: code4rena.com/blog/introduci…

Zenith (@zenith256)

Introducing Zenith: an auditing firm that delivers good, affordable audits ASAP. Teams want to ship this week, not next month. And without critical bugs. We pick a team of top auditors and manage the audit. It's hassle-free. No more waiting: we can start at a moment's notice.

GiuseppeDeLaZara (@windhustler)

To demonstrate BurraSec's expertise, we’re offering a free full-day security review/consultation for projects integrating with LayerZero or Arbitrum—whether you’re already deployed or still in development. We’ll thoroughly review: LayerZero: Configuration (DVNs, Executor, and

Code4rena (@code4rena)

Code4rena will run audit contests for free, as public goods. 100% of funds from sponsors will go directly to auditors and judges. We won't take any cut. Why? 1. Competitions are commodities. They're CRUD apps. Why should builders pay premium for a website just to submit bugs?
