Sebastian Fernandez (@snfernandez)'s Twitter Profile
Sebastian Fernandez

@snfernandez

Ex-hacker. Mostly EVM these days. Security and optimization for fun and profit at @BitFinding. Previously at @Microsoft.

ID: 54825491

Link: http://snf.github.io | 08-07-2009 07:01:38

528 Tweets

1.1K Followers

504 Following

Sebastian Fernandez (@snfernandez)

Such an evil idea: When rescuers want to recover locked funds they need to fund the gas for txs. Well, this is now impossible because the account will revert if you send ETH. The owners/rescuers will need to delegate (7702) to another contract before they can recover funds.

Sean Heelan (@seanhn)

I wrote-up how I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation. Link to the blog post below 👇

BitFinding (@bitfinding)

This was our interception bot rescuing $41K. The original attack landed 1.5 secs later: bscscan.com/tx/0x298fdcb6a… If you want to protect your funds from similar attacks, reach out to us.

BitFinding (@bitfinding)

On-chain transactions are complex and everyone keeps depending more and more on simulation to understand what will happen. But what happens when that preview doesn't match reality? Simulation isn't a silver bullet. bitfinding.com/blog/enforcing…

Sebastian Fernandez (@snfernandez)

If you're building an AI bug hunter that "matches a top auditor's performance", I expect it to crush every bug bounty contest out there

Daniel (@ergot86)

This happened: agent was stuck making the same mistake over and over and I couldn’t convince it of implementing the correct approach from the prompt. So I wrote a test and I was able to convince it that way!

Kobi Gurkan (@kobigurk)

Specifically some interesting resources: 1. Reproducible builds are crucial for TEE applications - quorum.tkhq.xyz/posts/remote-a… 2. TLS in TEEs - quorum.tkhq.xyz/posts/tls-sess… 3. Verifiable foundations, an architecture overview - whitepaper.turnkey.com/foundations/

matta ⚡🪷 (@mattaereal)

so, I'm writing an initial draft for the operational security travel guide within SEAL's Security Frameworks. I would KILL for feedback on this. I know many WILL disagree, and that's OK. I just need anyone besides myself to roast it frameworks.securityalliance.dev/opsec/travel/g…

Sebastian Fernandez (@snfernandez)

We should start deprecating biometric logins before it's too late. There's enough data out there to replicate almost anyone's fingerprints and faces. It's only time til we see an open model specialized in tricking faceid or a gadget that can quickly reconstruct fingerprints.