1/ 🚨 On Jan 8, 2025, Moby experienced an incident involving a private key leak, impacting LP assets across certain protocols. Here’s what happened: 🧵👇

The past year, we’ve achieved some incredible milestones: -Securing 2.8 million users and safeguarding $350.000.000 in funds. -Delivered penetration tests and vulnerability assessments to leading Web3 platforms. -Expanded our reach, partnering with exciting new projects across

1/ Critical Sitewide XSS: A Deep Dive Today, we're showcasing one of our recent findings: a sitewide stored XSS vulnerability that allowed for the execution of arbitrary JavaScript across multiple pages of a platform. Here’s how it happened—and what we did to fix it🧵

Before our pentest, security vulnerabilities left this platform wide open for attacks. After testing and remediation, here's how things improved. Every security flaw fixed means fewer risks for users. Need a pentest? Let's talk. borgsecurity.io/contact

Dust disclosed a bug submitted by sjalu: hackerone.com/reports/3115705 #hackerone #bugbounty

1/ 🚨 Vulnerability disclosure: We found a way to access sensitive user documents by reverse-engineering a broken image hashing system. Yeah, this included pulling previously uploaded documents, like IDs. Here’s how we broke it 👇

We recently had the pleasure of working with Privy . “Borg Security conducted a thorough security audit of parts of our application stack, and we were impressed with their professional approach and technical expertise throughout the engagement. (...)” - AndrewMohawk⁽ⁿᵘˡˡ⁾

It’s official, Genius and Borg Security have partnered. Genius cares deeply about their users and wanted to ensure the highest level of protection for the community they value so much, that’s why they chose to collaborate with us. After completing a full security

Sorry😪

Stay safe

We're happy to be collaborating with LUTE to ensure the company and their users are forever protected. > LUTE 🛡️

why would they?