Summary It’s easy to forget that smart contracts are not the only place where bugs can reside — the front websites of dApps are also vulnerable and still rewarding for successful bug hunters. Although most of the magic happens on the blockchain, dApps still have websites. …

Summary Whitehat Leon Spacewalker reported a critical vulnerability in Polygon on December 3. The vulnerability consisted of a lack of balance/allowance check in the transfer function of Polygon’s MRC20 contract and would have allowed an attacker to steal all ~9,276,584,332 MATIC (as of December 5, the date of the fix) from…

Astroport has just doubled its critical bug bounty reward from $1.5m to $3m, making it the largest bounty on Immunefi’s platform, beating TheGraph by a margin of $500,000. Since Immunefi hosts the world’s largest bug bounties, this effectively means that Astroport has the largest bug bounty program in the world…

Many whitehat hackers and bug bounty hunters who discover Immunefi already have some experience under their belt. They’ve often submitted bugs on other bounty platforms. They think that Immunefi — and Web3 hacking — is pretty much the same as Web2, except with a different language. That assumption is wrong. …

As we reach the end of an eventful year of ups and downs, it’s a good time to remember the silent figures securing DeFi behind the scenes: smart contract auditors, many of whom will need to work through the holiday to roll out audits for projects launching in January 2022. …

Everyone who has ever dealt with a blockchain system like Ethereum knows what blockchain consists of, such as blocks, transactions, and accounts. But we don’t often think about the basics of blockchain systems, just like we don’t often think about how our organs work. As organs need blood and oxygen…

Few names strike more fear into the hearts of blackhats than samczsun, known as perhaps the most prolific whitehat in DeFi security. …

Immunefi is announcing a strategic partnership with White Loop Capital, the first private investment fund in France to specialize in crypto-assets. Declared and domiciled in France, and supervised by a legal compliance agency, White Loop Capital aims to democratize access to crypto investments, while providing early-stage support to projects according…

We’ve got a big announcement today: we’re officially acquiring smart contract security firm Klevoya for the purposes of expanding our security products and services team. We’re building a coalition to secure the future of money, and the talent from Klevoya will help make that vision a reality. Klevoya has years…