
William Bowling @[email protected]
@wcbowling
Followers: 6K | Following: 338 | Media: 7 | Statuses: 214
Security Engineer at @zellic_io, a.k.a vakzz when doing bug bounties and CTFs with @pb_ctf - https://t.co/9bjECLAwXg
Tasmania, Australia
Joined July 2013
Here’s a writeup of the recent ExifTool bug (CVE-2021-22204) I discovered while working on the #bugbounty program at @gitlab! Issue was in the DjVu module but can be embedded in most other formats. Make sure to patch GitLab and ExifTool! https://t.co/sWxkHPTRJS
devcraft.io
Background
You’re probably using WebViews wrong. There are a million ways to use a WebView wrong. Properly securing a WebView is hard. In this thread, we’ll cover common vulnerabilities in wallet WebView implementations and the ways to properly secure WebViews.
How to spot misleading audit competition metrics Competitions are crowdsourced audits, where auditors compete to find bugs in a set timeframe. Last year, we acquired @code4rena which does these. We've also seen tons of misleading sales pitches. Here's what to watch out for: 🧵
With the rise of AI agents, we expect new bugs, but we’ve instead found old bugs in disguise. Let’s look at two old-school bugs we found while looking at elizaOS: • An SSRF allowing internal services to be accessed • An LFI allowing host files to be read Let’s dive in 🧵
Just completed my 10th audit as a contractor @zellic_io and these are my top favourite things about this place: 1. They have a diverse and deep talent pool. World top Web security, Cosmos, Rust, Golang, MOVE. They have experts in every direction I want to move into (pun
What happens when Random() isn’t random? Here’s how popular projects, including Proton Wallet and the Dart SDK were all affected by the same underlying weakness we uncovered in the Dart/Flutter ecosystem. All issues found were responsibly disclosed with the vendors. Let’s go
✨ Our judges also decided to give a special mention to @wcbowling for his submission in which the bug allows a `multisig` storage variable to be overwritten, allowing the `emergencyWithdraw` function to be called by an attacker. Read @PatrickAlphaC’s thoughts on this
Version 0.11.0 of gnark was just released, which fixes two vulnerabilities in the Groth16 backend reported by Zellic (CVE-2024-45039, CVE-2024-45040). These affect the soundness and ZK property of generated proofs. Read on for more details and how to check if you're vulnerable.
Zellic has moved forward to the final voting phase for @arbitrum's Security Council! We ask delegates to vote for Zellic as the Security Council furthers our mission to maximize TVL and extends our commitment to Arbitrum and its ecosystem. Vote here:
2023 was another great year for the team! 🎉 Blue Water, a collab between perfect blue and @Water_Paddler, placed 1st in CTFtime globally!🏆 🥇1st place in 6 CTFs 💻Hosted a successful pbctf 2023 In the past, we also placed first in 2020 and 2021.✌ Looking forward to 2024!🎆
The dangers of integer truncation: How the Zellic team found a critical vulnerability in the @AstarNetwork. This bug allowed an attacker to drain certain LP contracts on the Astar-EVM, with no bugs required in the contracts. Read more: 🧵👇
Meet Cairo, the native language of Starknet. In this thread we'll: ✅ Introduce Cairo & Starknet ✅ Explore the security features of Cairo ✅ Examine potential pitfalls when writing contracts in Cairo ✅ Give you things to consider when writing secure code Let's dig in👇🧵:
Earlier this morning, @safemoon's Liquidity Pool was compromised and USD 8.9M worth of tokens were withdrawn. After looking at the transaction trace and the recent contract changes, we can tell you what happened:
It's finally happening! pbctf 2023 is here 🗓️ Feb 18th, 14:00 UTC to Feb 20th 02:00 UTC (36 hours) 🎁 A $10,000 prize pool Proudly sponsored by @Zellic_io
https://t.co/EOKVUMmTBP
This weekend, we played 0xmonaco @matchbox_dao, a web3 gaming competition. We developed a highly profitable racing strategy by leveraging clever math and bugs. We got DQ-ed😅 In this thread, we'll break down: 🎯 our car's unique strategy 🎯 the vulnerabilities our car exploited
CTF + Bug Bounty + GitLab? How could I refuse such a challenge 😀
This is what deep knowledge of your target can do for you while hunting for bugs! Another amazing escalation of a "trivial issue" by @wcbowling Getting at the @gitlab CTF flag https://t.co/AjUbODx20A
My pleasure to share the details of my first #RCE:
gitlab.com
HackerOne report #1672388 by yvvdwf on 2022-08-17, assigned to @nmalcolm:...
Here are the Slides for "Electrovolt" published at @nullcon, @BlackHatEvents, and @defcon
https://t.co/SAFDZ6L5JO
speakerdeck.com
Electron based apps are becoming a norm these days as it allows encapsulating web applications into a desktop app which is rendered using chromium. Howe…
Asana Electron desktop app open redirect to local file read. Did you know local files in Electron have file:// origin, not null? With another Mac trick we load our malicious file and steal any file on the PC https://t.co/4XAb3WW0ME