Uptown crypto

i will be there

i love this picture it shows strength with beautiful colour
$BTC $ETH $BNB

Yesterday around 10:00PM for the first time i drink MonsterEnergy drink. What's in this thing that makes me feel more focused and sharper i swear for full 5hours straight i locked-in i don't feel tired, sleepy or distracted full focus. I don't even scroll through reels for once. i m learning Blockchain development and web3 security research. $ETH $BNB #SecurityAlert #Audit

claim a free $USDT Red packet

BPNXM6UN58

claim

🚨 Active Exploit on ZetaChain Cross-Chain Contracts

An ongoing attack is targeting ZetaChain GatewayEVM contracts across all EVM chains.

Revoke all approvals for any ZetaChain GatewayEVM contract immediately.

🔍 $150K Drained from Scallop via 17-Month-Old Deprecated Package

An attacker bypassed the active SDK and called a deprecated V2 package from November 2023 — where last_index was never initialized, crediting them with 17 months of accumulated rewards instantly.

On Sui, packages are immutable and forever callable — every old version stays a live attack surface unless shared objects enforce version checks.

🔗 Details

This is unbelievable.

How on Earth do LayerZero and Kelp have the audacity to make any requests?

> @LayerZero_Core has STILL not disclosed how much they will contribute to DeFi United.

> @KelpDAO hasn't even committed to contributing at all.

Keep in mind that (1) these were the two responsible parties for the hack in the first place and (2) LayerZero has raised ~$300M in total.

This is the epitome of shameless behavior.

🚨 Kipseli.capital just got wrecked $72.35K drained in a classic decimal mismatch attack (2026-04-22)
MEV bot swapped 0.04 WETH ($95) → received 0.926 cbBTC ($72.35K) through the PropAMM Router.

Docs say pricing is USDC-denominated. Attacker used unsupported WETH→cbBTC path. The pricing stack spit out a 6-decimal USDC-scale quote (92,610,395) and the contract transferred it directly as 8-decimal cbBTC. One integer, two completely different values.
On-chain signer only binds (tokenIn, tokenOut, timestamp) with a hardcoded key zero check on amountIn or rate. No sanity, instant exploit.

What is a Decimal Mismatch Attack?
A decimal mismatch attack happens when a smart contract’s pricing/oracle logic assumes one token’s decimal precision (e.g. USDC’s 6 decimals) but the actual token being transferred uses a different precision (e.g. cbBTC’s 8 decimals).

The contract receives an integer quote scaled for the expected decimals, then blindly uses that same raw integer as the transfer amount for the higher-decimal token. Because each extra decimal place multiplies the real value by 10, a “small” USDC-scale number becomes an enormous payout when interpreted as a BTC-scale token.

The attacker simply chooses an unsupported swap path that triggers the wrong decimal scaling while the signer never validates amountIn, rate, or price direction turning a $95 swap into a $72K windfall in one transaction.

Someone will say it's Good thing to Freeze Stolen Asset. Morally YES

But Crypto Doesn't work like that so this decision by Arbitrum One is not good for the world of Decentralization and $ARB project im my opinion.

⚠️ALERT: $AAVE is now down -19% today after a $292M Kelp DAO rsETH exploit triggered a full-blown liquidity crisis.

Aave's ETH pool just hit 100% utilization. That means one thing: there's almost no ETH left to withdraw.

Here's what happened:

Attacker drained 116,500 rsETH ($292M) from Kelp DAO's LayerZero bridge

He then deposited the stolen rsETH as collateral on Aave V3 to borrow ~$236M in WETH.

Because the rsETH is now unbacked, those positions are unliquidatable.

Aave is now stuck with ~$280M in bad debt it cannot recover.

Panic withdrawals have followed: $5.4 BILLION in $ETH outflows, with Justin Sun pulling 65,584 ETH ($154M) alone.

ETH utilization has maxed out at 100%, which means there's almost no ETH left to withdraw.

This is the FIRST real-world test of Aave's Umbrella safety module & the BIGGEST DeFi exploit of 2026.

This is a developing story.

🇰🇵 North Korea's UNC4736 Behind the $285M Drift Hack

Lazarus Group subunit UNC4736 infiltrated Drift over 6 months — meeting employees at conferences before compromising systems via Telegram.

The first known case of in-person HUMINT combined with military cyber ops — marking a dangerous evolution in DPRK attack tactics.

More than $586K was lost across two fresh wallet scam cases, according to @web3_antivirus.

One user lost $386K in USDT after sending funds to a poisoned lookalike address copied from the tx history.

A @MetaMask user also lost $200K in a wallet drainer incident, with $168K in $USDT , $22.8K in $USDC USDC and $9.2K in $LINK drained in a single tx.

Poisoned wallet history and user-signed approvals remain 2 of the simplest ways for attackers to empty wallets.

More project need to do this👇👇👇👇

Introducing the $MON dedicated device subsidy program

Monad Foundation will be subsidizing the cost of dedicated signing laptops, for multisig, treasury, and other critical operations, to all protocol teams with at least $2.5M of TVL on Monad.

Your signing machine should NEVER be the same as the one you use for everyday browsing, coding, or taking calls.

more detail on the picture below

#Notcoin isn't just a mene it's culture more important to many people it's history

DOGE/USDT SHORT 🔴

Entry 0.22490

Target 0.20770

SL 0.23390

WIF/USDT SHORT 🔴

Entry 0.96950

Target 0.8940

Target 0.8000

SL 1.0323

ETH 😂😂😂

If you recall any of these shit coins, bruhhh... You've been through a lot.

no cap!

If you recall any of these shit coins, bruhhh... You've been through a lot.

no cap!