
Blockchain Security Brief
The weekly record of web3's darkest hours
Monday, October 13, 2025

Top Exploits
Early October didn’t disappoint - same magicians, same disappearing acts. Another week, another protocol proving that “deprecated” doesn’t mean “disabled.”
Abracadabra pulls off a $1.8M vanishing act - again. For the third time in under two years, Magic Internet Money lived up to its name. A two-step exploit in the cook() function let an attacker mint unbacked MIM from six outdated Cauldrons by resetting a solvency flag mid-transaction. The contracts hadn’t been audited since 2023 - because why patch when you can pray? Treasury buybacks papered over the $1.8M loss, but it’s the third “relatively small impact” in a $21M trilogy of preventable disasters. Three hacks later, Abracadabra’s biggest illusion might be convincing itself it’s still safe to deploy. (Read more)
Rekt Audit Broker
The big city sleeps, but the code never does. Neither do the crooks.
Rekt Audit Broker connects protocols with top-tier security firms. One request, multiple bids. Faster audits, fairer pricing, trusted partners.
Audits are cheaper than funerals.
Deep Dives
How Stablecoins Manage Risk: Collateral, Redemption and Reserves (8 min read)
Stablecoins promise price stability but hide a minefield of risks - from market runs and depegs to custody leaks and liquidity crunches. S&P Global’s new framework breaks down how issuers use overcollateralization, liquidation backstops, and reserve buffers to keep the peg intact - or at least delay the inevitable spiral when trust cracks before the code does.
Top 5 Crypto & Web3 Hacks That Started With Phishing (20 min read)
Bridges get breached, but inboxes start the fire. From fake job offers and poisoned npm packages to ice-phishing dApps that steal with your own signature, social engineering remains crypto’s quiet apocalypse. Lazarus keeps hiring, users keep signing, and “cold wallets” keep melting.
Governance as an Attack Vector in Web3 Protocols (8 min read)
When “community control” meets concentrated power, transparency becomes theater. From Beanstalk’s instant-drain proposal to Compound’s delegate cash-grab, governance itself has turned into an attack surface, where insiders don’t break the rules, they are the rules.
The Crypto Threat Landscape: Threats and Exploits Targeting Crypto Users (92 min read)
From pig butchering to poisoned wallets, crypto’s dark economy thrives on one thing - human behavior. This report dissects the new playbook of digital deception: fake love, fake airdrops, fake help, and very real losses. Behind every drainer script and phishing kit is the same story - trust weaponized at scale, turning curiosity into collateral and decentralization into the perfect cover for global fraud.
Abracadabra (MIM) $1.8M Hack Explained: How a Virtual Hook Bypassed Solvency Checks (5 min read)
A single virtual hook turned Abracadabra’s solvency logic into vapor, letting an attacker drain six Cauldrons of MIM without posting collateral. The flaw bypassed all end-of-transaction checks, proving once again that in DeFi, convenience functions breed catastrophe.
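The flag-reset pattern behind both Abracadabra items above, modelled as an added example (not code from Abracadabra, its auditors or this newsletter): a batched cook-style call whose end-of-call solvency check depends on a mutable flag that a later action can clear, beside a hardened variant that decides from observed state instead. The Cauldron class, the action names (including the hypothetical "hook" action standing in for the virtual hook) and the collateral ratio are constructed.

```python
"""Toy model of a batched cook() call with a deferred solvency check.
All names and values are constructed for illustration."""
from dataclasses import dataclass

COLLATERAL_RATIO = 0.75  # max debt per unit of collateral (constructed value)


@dataclass
class Cauldron:
    collateral: float
    debt: float = 0.0

    def solvent(self) -> bool:
        return self.debt <= self.collateral * COLLATERAL_RATIO


def cook_flag_based(c: Cauldron, actions) -> Cauldron:
    """Vulnerable variant: the end-of-call check only runs while a mutable
    flag is set, so any later action that re-initialises per-call state
    (the hypothetical "hook") silences it."""
    needs_check = False
    for kind, amount in actions:
        if kind == "borrow":
            c.debt += amount
            needs_check = True
        elif kind == "repay":
            c.debt -= amount
        elif kind == "hook":
            needs_check = False  # resets per-call state, clearing the flag
    if needs_check and not c.solvent():
        raise ValueError("insolvent")
    return c


def cook_state_based(c: Cauldron, actions) -> Cauldron:
    """Hardened variant: whether to check is derived from what actually
    changed (debt went up), not from a flag intermediate actions can clear."""
    debt_before = c.debt
    for kind, amount in actions:
        if kind == "borrow":
            c.debt += amount
        elif kind == "repay":
            c.debt -= amount
        elif kind == "hook":
            pass  # hooks may run, but they cannot influence the check
    if c.debt > debt_before and not c.solvent():
        raise ValueError("insolvent")
    return c


def rejects(cook_fn, c: Cauldron, actions) -> bool:
    """Regression check: does this cook() variant refuse the batch?"""
    try:
        cook_fn(c, actions)
    except ValueError:
        return True
    return False
```

A useful invariant test for any batched-action contract is the last function: every sequence that ends with more debt than collateral supports must be rejected, regardless of which actions ran in between.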
Other Security Stories
North Korea’s Lazarus racks up record crypto haul as 2025 thefts top $2B. Elliptic ties massive exchange breaches and targeted social-engineering campaigns to state-backed actors who launder funds across chains and mixers to bankroll Pyongyang’s programs - a reminder that the weakest link is human, not just code.
Railgun Builds the Private Multi-Sig Wallet Vitalik Asked For. Weeks after Vitalik Buterin challenged developers to make privacy tools more practical, Railgun delivered a prototype private multi-signature wallet for Ethereum - hiding who signs what with ZK proofs and FROST signatures. It’s the first real shot at institutional-grade privacy on Ethereum, and maybe the answer to Vitalik’s “why not privacy?” question.
Ransomware Surges 146% as Attackers Go GenAI and Extortion-First. Zscaler’s 2025 ThreatLabz report charts a new ransomware era: AI-crafted payloads, faster execution, and public shaming over encryption.
British duo plotted $23M crypto heist from a prison cell. Prosecutors say Robert Barr and Barry Letham scouted crypto-rich victims and planned armed robberies while one was jailed, underscoring a grim evolution of “wrench attacks” where wallets aren’t hacked - they’re beaten out of you.
CometJacking Turns Perplexity’s AI Browser Into a Data Thief. A single malicious link can hijack Comet’s AI to siphon Gmail, calendar, and connector data. One click, and your “smart” browser becomes the attacker.
Audited Last Month
• Hacken fortified Somnia’s mainnet launch with dual audits on its PBFT consensus and staking layers, resolving critical vote-aggregation and state-poisoning flaws before go-live. The reviews hardened validator lifecycle and governance mechanics, enabling Somnia’s September 2025 mainnet to scale securely with enterprise-grade consensus resilience and minimal liveness risk.
• Cantina audited Velodrome’s Swapper and Relay contracts, identifying five informational findings and one gas optimization. Fixes improved time restriction consistency, parameter documentation, and code clarity, while acknowledged issues around ownership transfer and slippage remain managed through trusted keeper infrastructure.
• ChainSecurity audited Spark Vaults V2, confirming strong functional correctness, asset security, and implementation integrity for SparkDAO’s ERC-4626 vault system. The overall security was rated high for the upgraded yield distribution mechanism.
• Hacken validated the cryptographic and execution integrity of COTI and Soda Labs’ privacy stack through dual audits of the MPC protocol and gcEVM. Over 20 issues were identified and remediated, securing the garbled-circuit backend and privacy-preserving EVM layer that now underpin COTI’s confidential Layer 2 for Ethereum.
• Quantstamp audited Bucket Protocol V2, a collateralized debt position-based stablecoin on Sui, uncovering 13 issues - one high-severity - all resolved through fixes or mitigations. The review confirmed strong architecture and test coverage (>90%) but advised better bad debt mechanisms and improved documentation for long-term protocol resilience.
Rekt Flashback
One year ago, Radiant Capital promised cross-chain lending brilliance - instead, they delivered a cross-chain funeral. Over $53 million vanished in a “secured” 3-of-11 multisig setup that might as well have been 3-of-who-cares. The attacker spent two quiet weeks planting malicious contracts before slicing through Radiant’s defenses like butter, leaving users rekt across BSC and Arbitrum. When your safety plan needs eleven signatures but only uses three, decentralization isn’t your problem - delusion is.
Memes and Videos
The Biggest Hack in US History: SolarWinds Hack
SolarWinds shipped a Trojan straight into the heart of the U.S. government - a supply-chain time bomb signed, sealed, and delivered as a “routine update.” When the dust settled, FireEye, not the Feds, found Russia lurking in the code, proving that in cyberwar, the weakest link isn’t the password… it’s the patch.
Want to partner with us?
Skip the bots, hit the brains.
Get your message in front of the sharpest, most battle-tested crowd in crypto.
If they notice you, the whole space will. [Partner with us]
We provide an anonymous platform for whistleblowers and DeFi detectives to present their information to the community. All authors remain anonymous.
We are all rekt.