Just shipped our 8th consecutive security audit report for @Listapiexyz_io ! Proud to continue securing top-tier DeFi infrastructure and supporting their ecosystem. Read the full report here: 👇 https://t.co/mEqEIh4tnC

Great working with @HyacinthAudits to lock down @liquidroyaltyX. 🔬 Scope: ProtocolVault We dug deep into the vault logic to ensure everything is watertight. 📄

We are pleased to release the security audit report for Pandora @HeyAnonai, a decentralized prediction market built for EVM-based blockchains. We’ve verified the security of their trading engine to ensure safe, efficient markets for all users. Read the full report:

🛡️ Exploit Analysis: YO Protocol (~$3.7M Loss) YO Protocol (@yield) suffered a slippage loss in a vault rebalance swap (3.84M stkGHO → only ~$112K USDC via Uniswap V4 pool). We decompiled the calldata: seems @yield blindly trusted the quote from @odosprotocol without confirming

🛡️ Securing the Move Ecosystem We are incredibly excited about the rapid growth of the @movementlabsxyz ecosystem! 🟡 AstraSec is proud to release the audit report for @LayerBankFi's ULAB. Our team conducted a deep-logic review to ensure a secure foundation for Move DeFi. 📑

@TMXTribe @waveX_fi Example transactions: (1) https://t.co/ylNG6cLRo0 (2) https://t.co/XOt1Je8HZX (3) https://t.co/NKGsYRZeAG (4) https://t.co/Zlm103mtMa

@Truebitprotocol It is a classic integer overflow in the purchase/mint pricing logic of an old smart contract (deployed ~5 years ago).Most calculations used safe math (mul/sub/div), but the final addition step was done with an unsafe add — when the attacker inputs an extremely large mint amount,

🛡️ Exploit Analysis: TMXTribe (~$1.4M Loss) On Jan 5-6, 2026, @TMXTribe on Arbitrum was exploited due to a flawed TLP token price calculation (p = AUM / total_TLP). The vulnerability shares the similar root cause as the recent @waveX_fi ( https://t.co/NAWYGiusVT) exploit. Swapping

@Truebitprotocol The attack tx:

🛡️ Exploit Analysis: Truebit Protocol (~$26M Loss) @Truebitprotocol A reminder that one missed check is all it takes. As shown in the image, the purchase function utilized SafeMath for most operations but missed the final addition step. The Vulnerability: The missing safe-add

2 years ago today, we launched AstraSec with a mission to secure the most complex logic in Web3. Today, we celebrate our 2nd Anniversary! A massive thank you to the founders and protocols who have trusted us to safeguard their infrastructure. To our partners @magpiexyz_io

AstraSec has successfully completed the security audit for @FriendSpaceApp. Big kudos to their team for their professionalism and commitment to building a secure ecosystem. 🤝 👇 View the findings:

1/ The total loss amounts to approximately $1 million. The @USPD_io attack exploited a known attack vector in the deployment of ERC1967Proxy contract. The attacker front-ran the initialization call post-deployment, injecting a malicious implementation. Initially, he masked his

⚠️ Another approval-misuse vulnerability exploited. collectInterestRepayment() can be called by anyone to forcibly pull USDC from any address that once approved the contract, boosting share price and redistributing the stolen funds as fake “interest.”If you ever approved USDC to

Solid and professional response for this tough incident! Although this attack was ultimately triggered by an incorrect rounding direction, the batchSwap and scalingFactors mechanisms introduced in Balancer V2 were also critical contributing factors that enabled the exploit.  Even

We’re excited to release our latest security audit for @AethonSwap. Big thanks to the Aethon team for their collaboration and trust throughout the process. Read the full report: https://t.co/1LZUiVE7Uy

We’re excited to announce the completion of our audit for Candylabs (@candylabs)! 🎉 Candy Forge is an innovative on-chain NFT customization protocol on Solana, and it’s been a pleasure working closely with the team to help secure their platform.

✅ The @orbs_network Spot Audit Report is now live! We’re glad to have worked with such a strong and talented development team. Check out the full report here 👇 🔗