Security News & Insights
Stay updated with the latest developments in blockchain security and smart contract auditing
Bittensor Hack Highlights NFT-Based Money Laundering Risks
The Bittensor hack revealed how anime NFTs are exploited for money laundering, prompting urgent regulatory scrutiny and security measures for NFT platforms. The incident acted as a stark reminder for the crypto community, revealing the pressing need for improved security measures and stricter regulatory scrutiny in the NFT space.
CertiK Reports Surge in Crypto Hacks, $173M Lost in August
CertiK reported that crypto hacks shot up by over 13% from July to August 2025, with thieves walking away with around $173 million. Phishing scams alone made up $101 million of that total. The month's worst hits included a massive $91 million phishing attack and a $53 million hack of BTC Turk.
LISA Technical Report: An Agentic Framework for Smart Contract Auditing
The LISA framework combines rule-based and logic-based methods to address a broad spectrum of vulnerabilities in smart contracts, significantly outperforming both LLM-based approaches and traditional static analysis tools.
India Mandates Cybersecurity Audits for Crypto Exchanges
Amid increasing instances of cyber thefts, the Indian government has mandated cybersecurity audits for all cryptocurrency exchanges and custodians. Platforms are required to have a security auditor registered with the Indian Computer Emergency Response Team (CERT-In), the nodal agency that deals with cybersecurity incidents.
Auditor Flagged Issue Before $2.59M Nemo Hack, Team Admits
Sui-based yield trading protocol Nemo lost $2.59 million in a Sept. 7 exploit caused by unaudited code deployed without multisignature controls. Despite an auditor flagging the issue months prior, the team failed to address it in time, leading to the breach.
NPM Supply Chain Attack Puts Crypto Users at Risk
On September 8th, cybersecurity researchers uncovered one of the most serious supply chain attacks in recent history. Hackers successfully compromised NPM (Node Package Manager), the world’s largest library of open-source software components, relied on by developers to build everything from websites to cryptocurrency wallets.
Web3 Security Report Q1 2025: $2B Lost in 90 Days
The first quarter of 2025 marked one of the most alarming periods in Web3 security history — with over $2 billion lost in just three months. A 96% increase compared to Q1 2024, driven by operational failures and access control exploits.
Bybit Hit by Record $1.5B Hack Attributed to Lazarus Group
In February 2025, cryptocurrency exchange Bybit suffered a massive hack, resulting in the theft of $1.5 billion worth of Ether tokens. Cybersecurity researchers and blockchain analysts linked the attack to the Lazarus Group, a hacking group believed to be backed by North Korea. Bybit stated that it was able to recover most of the stolen Ethereum and remained solvent throughout the incident. The company announced new security upgrades and offered a bounty to help track down the hackers and recover the remaining funds.
OWASP SC Top 10 (2025) Breakdown: The Most Critical Smart Contract Risks
The OWASP SC Top 10 for 2025 highlights the most critical smart contract risks, with access control vulnerabilities topping the list. These flaws allow attackers to gain unauthorized control over smart contracts.