Quantum Internet Launches 2027: How It Ends Privacy Forever (and the 4 Tools to Stay Invisible)
• https://x.com/officer_secret/status/2044468059369304559?s=461
#security #privacy
• https://x.com/officer_secret/status/2044468059369304559?s=461
#security #privacy
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Quantum Internet Launches 2027: How It Ends Privacy Forever (and the 4 Tools to Stay Invisible)
🔥11❤5✍3👍1💯1💘1
Forwarded from Officer’s Articles
I Reviewed 47 Crypto OpSec Failures - The ONE Mistake 100% of Victims Made
Link: https://officercia.medium.com/i-reviewed-47-crypto-opsec-failures-the-one-mistake-100-of-victims-made-6bedf9bce130
Link: https://officercia.medium.com/i-reviewed-47-crypto-opsec-failures-the-one-mistake-100-of-victims-made-6bedf9bce130
Medium
I Reviewed 47 Crypto OpSec Failures — The ONE Mistake 100% of Victims Made
For the first three months of 2026, I did something that most people in crypto don’t want to do: I read every post-mortem, on-chain…
❤9🔥4💯3
It looks like Rhea finance has been exploited! $7.6M drained.
Attacker deployed fake token contracts, seeded liquidity in fresh pools, then manipulated the oracle + validation layer to extract real assets (USDC, USDT, ZEC, NEAR, etc.).
• https://x.com/officer_secret/status/2044879371312202180?s=46
#security #alert
Attacker deployed fake token contracts, seeded liquidity in fresh pools, then manipulated the oracle + validation layer to extract real assets (USDC, USDT, ZEC, NEAR, etc.).
• https://x.com/officer_secret/status/2044879371312202180?s=46
#security #alert
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
It looks like @rhea_finance has been exploited!
$7.6M drained.
Attacker deployed fake token contracts, seeded liquidity in fresh pools, then manipulated the oracle + validation layer to extract real assets (USDC, USDT, ZEC, NEAR, etc.).
$7.6M drained.
Attacker deployed fake token contracts, seeded liquidity in fresh pools, then manipulated the oracle + validation layer to extract real assets (USDC, USDT, ZEC, NEAR, etc.).
❤7👍3🔥3
The EMP Blackout Is Coming: How to Keep Your Family Alive When the Grid Dies for 6 Months
• https://x.com/officer_secret/status/2044668311162470461?s=46
#opsec
• https://x.com/officer_secret/status/2044668311162470461?s=46
#opsec
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
The EMP Blackout Is Coming: How to Keep Your Family Alive When the Grid Dies for 6 Months
❤7👍5💯3🤔1
Do Only 2–3% of an Asset’s Supply on Exchanges Really Determine Its Price?
• https://x.com/officer_secret/status/2044938114821501000?s=46
#finance
• https://x.com/officer_secret/status/2044938114821501000?s=46
#finance
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Do Only 2–3% of an Asset’s Supply on Exchanges Really Determine Its Price?
❤7👍3💯3
KELPDAO'S liquid staking token potentially exploited for over $280M!
• https://x.com/officer_secret/status/2045573559615934890?s=46
• https://x.com/officer_secret/status/2045576667536453837?s=46
#security #alert
• https://x.com/officer_secret/status/2045573559615934890?s=46
• https://x.com/officer_secret/status/2045576667536453837?s=46
#security #alert
❤8💯4👍3🤔2🥰1👨💻1
The issue with the KelpDAO 280m$ hack was that it was just secured by just 1/1 validator set (DVN) on LayerZero Core . Which means one faulty transaction from a validator is all that's needed.
• https://x.com/officer_secret/status/2045616225812623626?s=46
#security
• https://x.com/officer_secret/status/2045616225812623626?s=46
#security
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
The issue with the @KelpDAO 280m$ hack was that it was just secured by just 1/1 validator set (DVN) on @LayerZero_Core . Which means one faulty transaction from a validator is all that's needed.
What the actual fuck?! What’s the point of multisig if it is…
What the actual fuck?! What’s the point of multisig if it is…
❤11🔥6💯3👍1
This is some of the OFT adapters at risk. Urgent for teams!
Yes, the KelpDAO exploit is different. But also relies on this principle of trusting 1 source.
• https://x.com/officer_secret/status/2045688050324226545?s=46
#security
Yes, the KelpDAO exploit is different. But also relies on this principle of trusting 1 source.
• https://x.com/officer_secret/status/2045688050324226545?s=46
#security
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
This is some of the OFT adapters at risk. Urgent for teams!
Yes, the @KelpDAO exploit is different. But also relies on this principal of trusting 1 source
Because any OFT that inherited LayerZero's default DVN config (single LZ Labs DVN, no custom multi…
Yes, the @KelpDAO exploit is different. But also relies on this principal of trusting 1 source
Because any OFT that inherited LayerZero's default DVN config (single LZ Labs DVN, no custom multi…
👍9❤3💯3
Vercel has been hacked! Here is a full thread: https://x.com/officer_secret/status/2045973049841967561?s=46
#security #alert
#security #alert
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Vercel has been hacked!
According to @acceleratooooor , here's how to triage:
1. Go to https://t.co/eE7TkqChf1
2. Security → Access and data control → API controls → App access control → Manage Third-Party App Access
3. Search for client ID:
According to @acceleratooooor , here's how to triage:
1. Go to https://t.co/eE7TkqChf1
2. Security → Access and data control → API controls → App access control → Manage Third-Party App Access
3. Search for client ID:
❤8👍3💯3🤔2
Here is a aWETH redemption protocol allowing ETH lenders on Aave to swap into wstETH or weETH.
Even if user has debt against ETH, he can swap collateral to wstETH or weETH and the debt will remain the same. It will significantly reduce systematic risk for Aave, users, and DeFi as a whole: https://x.com/officer_secret/status/2046013051040678129?s=46
#web3
Even if user has debt against ETH, he can swap collateral to wstETH or weETH and the debt will remain the same. It will significantly reduce systematic risk for Aave, users, and DeFi as a whole: https://x.com/officer_secret/status/2046013051040678129?s=46
#web3
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Here is a aWETH redemption protocol allowing ETH lenders on Aave to swap into wstETH or weETH.
Even if user has debt against ETH, he can swap collateral to wstETH or weETH and the debt will remain the same. It will significantly reduce systematic risk for…
Even if user has debt against ETH, he can swap collateral to wstETH or weETH and the debt will remain the same. It will significantly reduce systematic risk for…
❤9👍4💯3👏1
Lazarus Group behind $290M KelpDAO exploit!
• https://x.com/officer_secret/status/2046294895313252611?s=46
#security #analysis
• https://x.com/officer_secret/status/2046294895313252611?s=46
#security #analysis
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Lazarus Group behind $290M KelpDAO exploit!
TraderTraitor poisoned the RPC infrastructure (I tend to think that it’s their internal rpc, otherwise it would he named in bold text) used by LayerZero's DVN a
- DDoSing legitimate nodes to force failover onto…
TraderTraitor poisoned the RPC infrastructure (I tend to think that it’s their internal rpc, otherwise it would he named in bold text) used by LayerZero's DVN a
- DDoSing legitimate nodes to force failover onto…
❤9👍4🔥4💯1
Arbitrum just froze $70m in ETH (30,766 ETH) that has been hacked by DRPK-associated attackers in a recent KelpDAO incident: https://x.com/officer_secret/status/2046453357724790793?s=46
More information in a thread.
#security #web3
More information in a thread.
#security #web3
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Arbitrum just froze $70m in ETH (30,766 ETH) that has been hacked by DRPK-associated attackers in a recent @KelpDAO incident. Nicely done!
https://t.co/aEzMrkS9tf
https://t.co/aEzMrkS9tf
👍10❤4💯4🤔3✍1🔥1
Lazarus Group Just Released “Mach-O Man” – A Brand-New Native macOS Malware Kit Targeting Fintech, Crypto, and High-Value Executives
You get an “urgent” meeting invite over Telegram for a Zoom, Teams, or Google Meet call. The link leads to a convincing fake website that tells you to copy and paste one simple command into your Mac’s Terminal to “fix the connection issue.”
You run it… and Mach-O Man has just taken over your Mac.
• https://x.com/officer_secret/status/2046719684213710894?s=46
#security #macos
You get an “urgent” meeting invite over Telegram for a Zoom, Teams, or Google Meet call. The link leads to a convincing fake website that tells you to copy and paste one simple command into your Mac’s Terminal to “fix the connection issue.”
You run it… and Mach-O Man has just taken over your Mac.
• https://x.com/officer_secret/status/2046719684213710894?s=46
#security #macos
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Lazarus Group Just Released “Mach-O Man” – A Brand-New Native macOS Malware Kit Targeting Fintech, Crypto, and High-Value Executives
You get an “urgent” meeting invite over Telegram for a Zoom, Teams, or Google Meet call. The link leads to a convincing fake…
You get an “urgent” meeting invite over Telegram for a Zoom, Teams, or Google Meet call. The link leads to a convincing fake…
❤11👍3💯3
$585K Drained Across 4 Victims in 11 Hours!
One of victims lost 3 WBTC (~$221K) after signing a phishing increaseApproval signature - moments after withdrawing from Aave. Victim: 0x5d908c88bE270889C0953E7dfF1C8E1D699cEeA3
All four victims were hit by the same drainer contract. In order to stay protected from such attacks, you should use tools like RevokeCash, TenderlyApp , web3_antivirus , delegatedotxyz, and of course Rabby Wallet.
Stay safe!
• https://x.com/officer_secret/status/2046803885465927948?s=46
#security #alert
One of victims lost 3 WBTC (~$221K) after signing a phishing increaseApproval signature - moments after withdrawing from Aave. Victim: 0x5d908c88bE270889C0953E7dfF1C8E1D699cEeA3
All four victims were hit by the same drainer contract. In order to stay protected from such attacks, you should use tools like RevokeCash, TenderlyApp , web3_antivirus , delegatedotxyz, and of course Rabby Wallet.
Stay safe!
• https://x.com/officer_secret/status/2046803885465927948?s=46
#security #alert
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
$585K Drained Across 4 Victims in 11 Hours!
One of victims lost 3 WBTC (~$221K) after signing a phishing increaseApproval signature - moments after withdrawing from Aave. Victim: 0x5d908c88bE270889C0953E7dfF1C8E1D699cEeA3
All four victims were hit by the…
One of victims lost 3 WBTC (~$221K) after signing a phishing increaseApproval signature - moments after withdrawing from Aave. Victim: 0x5d908c88bE270889C0953E7dfF1C8E1D699cEeA3
All four victims were hit by the…
❤10👍4💯4💘1
Protecting Your Linux System Against DPRK (North Korean) Cyber Attacks
• https://x.com/officer_secret/status/2047071481549701362?s=46
#security #privacy
• https://x.com/officer_secret/status/2047071481549701362?s=46
#security #privacy
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Protecting Your Linux System Against DPRK (North Korean) Cyber Attacks
❤9🔥5💯3
Forwarded from Officer’s Articles
They’re About to Ban Cash Worldwide — The Exact Timeline and What You Must Own Before It Happens
Link: https://medium.com/thecapital/theyre-about-to-ban-cash-worldwide-the-exact-timeline-and-what-you-must-own-before-it-happens-f8709641308a
Link: https://medium.com/thecapital/theyre-about-to-ban-cash-worldwide-the-exact-timeline-and-what-you-must-own-before-it-happens-f8709641308a
Medium
They’re About to Ban Cash Worldwide — The Exact Timeline and What You Must Own Before It Happens
Pay attention. Governments aren’t just “modernizing” money; they’re trying to get rid of cash as quickly as possible and replace it with…
❤4👍2💯2
Forwarded from Defendor — DeFi Security
🐧 DPRK Is Actively Targeting Linux Users
Lazarus Group is hitting developers and IT professionals via fake job offers, malicious coding challenges, and supply-chain poisoning across npm, PyPI, and GitHub.
Key defenses: never run unverified code, enable SELinux/AppArmor, sandbox unknown binaries, and treat every unsolicited "opportunity" as a potential attack vector.
🔗 Details
Lazarus Group is hitting developers and IT professionals via fake job offers, malicious coding challenges, and supply-chain poisoning across npm, PyPI, and GitHub.
Key defenses: never run unverified code, enable SELinux/AppArmor, sandbox unknown binaries, and treat every unsolicited "opportunity" as a potential attack vector.
🔗 Details
❤5🔥3💯2
Tether just froze 2 wallets holding $344M USDT on Tron blockchain:
• x.com/officer_secret/status/2047288597120770547?s=46
#security
TCXfhTDMuS6pbfCEoACPcBf2EnnhMAAEWh
TTiDLWE6fZK8okMJv6ijg42yrH6W2pjSr9
• x.com/officer_secret/status/2047288597120770547?s=46
#security
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Tether just froze 2 wallets holding $344M USDT on Tron blockchain 👀
Addresses:
TCXfhTDMuS6pbfCEoACPcBf2EnnhMAAEWh
TTiDLWE6fZK8okMJv6ijg42yrH6W2pjSr9
That’s a lot!
Addresses:
TCXfhTDMuS6pbfCEoACPcBf2EnnhMAAEWh
TTiDLWE6fZK8okMJv6ijg42yrH6W2pjSr9
That’s a lot!
👍5❤2💯2👀1👾1
It looks like giddydefi has been hacked for $1.3M.
Another day, another hack: https://x.com/officer_secret/status/2047334278418063516?s=46
#security #alert
Another day, another hack: https://x.com/officer_secret/status/2047334278418063516?s=46
#security #alert
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
It looks like @giddydefi has been hacked for $1.3M.
Another day, another hack.
Another day, another hack.
❤4👍3🔥2🤔1