HashDit | now with Pro Extension @HashDit
Web3 Security Firm - Defending against Hacks & Scams on #BSC & More! 🛡️ Users stay safe with our Chrome Extension & Metamask Snaps! ⚙️ Links below 👇 linktr.ee/hashdit Joined January 2022-
Tweets1K
-
Followers6K
-
Following82
-
Likes311
🚨 HashDit Alert🚨 Multiple reports indicate that @dxsale has been compromised! ⚠️ Any project with LP funds locked on DxSale should check immediately and withdraw if possible Our analysis shows around $3M stolen so far, with the exploit still ongoing. Main Theft address: 0xC4574DDEF299e7E563971e200433e592EeaaFA69 The attacker has also raised locking fees to 100 BNB, effectively blocking normal use. With Discord, TG, and X all silent, the project appears either fully compromised or rugpulled... Stay Safe!
🚨 HashDit Alert! 🚨 A crypto stealer campaign has been identified involving malicious npm packages, for example "token-usage-tracker". This is a confirmed TrapDoor attack designed to steal credentials and crypto assets. If installed, delete it immediately and rotate your keys/secrets. To track AI token usage safely, use trusted packages that wrap official APIs, local tokenizers like tiktoken for estimation, and keep cost sheets updated with minimal external dependencies. Stay safe!
🚨 BREAKING: Active supply chain attack across npm, PyPI, and Crates.io. Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems. TrapDoor targets
References 1/ Binance Oracle : binance.com/en/support/ann… 2/ Pyth Network: docs.pyth.network/price-feeds/co…
🚨 HashDit Update 🚨 Two oracle service changes are underway: • Binance Oracle will transition to @AtlasOracleX , affiliated with @CoinMarketCap , over a 90-day period, with full completion by Aug 6. • @PythNetwork is upgrading Pyth Core on July 31, and Hermes users will now require Pyth API keys. Projects using either provider should update their oracle feed addresses accordingly.
Reported Impact: The exfiltrated data consists of approximately 3,800 GitHub-internal repositories containing GitHub's own platform source code and internal tooling — not user data, secrets, or third-party code. Critical internal credentials have already been rotated. No evidence of follow-on attacks against GitHub's production platform or customer-facing services has been reported.
🚨 HashDit Alert! 🚨 GitHub has reported unauthorized access to some of its internal repositories! Web3 / Crypto devs: now is a good time to audit your repos, check for any abnormal commits and remove any sensitive data that should NOT be there in the first place ⚠️ With AI-powered attacks on the rise, breaches like this will become more and more common. Stay extra cautious with permissions, secrets management, and credential storage 🛡️ Stay safe!
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely
5/5 🛡 How can you protect yourself moving forward? - Pin exact dependency versions - Avoid `^` / `~` for critical packages - Delay new package adoption by 7–14 days - Use behavior-based supply chain scanners - Isolate build environments - Never expose production secrets to npm install hosts - Enable 2FA on registry accounts Stay safe!
4/5 🛠 Remediation: Step 1️⃣ — Remove malicious versions Pin a known-safe version, such as: - `12.0.0` - `9.2.1` for the 9.x line Then reinstall cleanly: ```bash rm -rf node_modules package-lock.json npm install ``` Use the equivalent lockfile cleanup for Yarn/pnpm. Step 2️⃣ — Rotate secrets immediately Rotate anything that may have been accessible, including: - cloud credentials - SSH keys - API keys - CI/CD secrets - Kubernetes credentials - deploy keys - wallet-related secrets if present Step 3️⃣ — Block attacker infrastructure Block at firewall/proxy level: - `sh.azurestaticprovider.net` - `37.16.75.69` Also quarantine the malicious versions in your private registry/proxy: - Artifactory - Verdaccio - internal mirrors
🚨 HashDit Alert! 🚨 1/5 The popular `node-ipc` npm package has been compromised with a credential-stealing payload! Confirmed malicious versions: - `9.1.6` - `9.2.3` - `12.0.1` If your environment touched these versions, assume risk ⚠️
🚨 Socket detected malicious activity in newly published versions of node-ipc, an npm package with 822K weekly downloads. Affected versions: [email protected] [email protected] [email protected] Socket’s AI scanner flagged the malware within ~3 minutes of publication. Early analysis
🚨 HashDit Alert🚨 @zachxbt has reported that @THORChain has been compromised, with total stolen funds amounting to >$7.4m. Source: t.me/investigations… DO NOT interact with the project until the team gives the all clear. Stay Safe!
⚠️Official PSA for Discord to address a major widespread issue⚠️ Scammers are violating @discord's ToS to use APIs/Automation to scam users... They have automated flows set up to watch for new members joining... The moment someone joins, they send a friend request impersonating team members or support... This confuses new members and can lead to scams. Let me explain ⤵️⤵️ This can happen to any servers, the servers shown in the video below are just an example as scammers do this to all popular servers!! Regardless of the servers security!
🚨 UPDATE: Mini Shai-Hulud has crossed from @npmjs into @pypi and is still spreading. Newly confirmed compromised artifacts: @opensearch-project/opensearch: 3.5.3, 3.6.2, 3.7.0, 3.8.0 (1.3M weekly downloads) mistralai: 2.4.6 on PyPI guardrails-ai: 0.10.1 on PyPI additional @squawk/* packages on npm guardrails-ai 0.10.1 executes malicious code on import. On Linux, it downloads git-tanstack[.]com/transformers.pyz, writes it to /tmp/transformers.pyz, and runs it with python3 without integrity verification. The git-tanstack.com domain displayed a message signed “With Love TeamPCP,” along with: “We've been online over 2 hours now stealing creds Regardless I just came to say hello :^)” The page also linked to a YouTube video and you can probably guess which one.
🚨 Bitwarden CLI 2026.4.0 was compromised as part of the ongoing Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline. We’ll continue updating our coverage as more details are confirmed. socket.dev/blog/bitwarden…
⚠️ Web3 social managers on X: stay alert. Scam phishing emails targeting crypto are circulating again. If you enter your project's credentials into the fake login page, your X account WILL GET HACKED! Stay vigilant!! Refer to this for more information: malwarebytes.com/blog/news/2025…
🚨 WARNING: Recently, there has been a rise of Web3 Crypto X Accounts being compromised. Through our investigation, we noticed there has been a 6 month campaign of scam X phishing emails usually preying on the urgency to 'verify' their account. So what should you do if you are a
In collaboration with @github, @Microsoft, @npmjs, and @SocketSecurity, our security team has confirmed that no npm packages published by Vercel have been compromised. There is no evidence of tampering, and we believe the supply chain remains safe. vercel.com/kb/bulletin/ve…
3/ Long term solutions: 1. Pin exact dependency versions (avoid using ^ ranges) 2. Use and review lockfile changes in PRs 3. Use --ignore-scripts in CI when possible 4. Run installs in isolated environments without production secrets Stay safe!!
2/ Root cause: a Vercel employee’s account was reportedly compromised via Context.ai, which gave the attacker access to that employee’s Google Workspace account, then access to some Vercel environments and env vars not marked “sensitive.”
🚨 Vercel and Next.js devs do this now! 🚨 ShinyHunters (the threat actor behind the Rockstar/Ticketmaster breach) hacked @vercel via a compromised third-party AI tool's Google Workspace OAuth app!! ⚠️⚠️⚠️ Do this now before reading further! 1. Rotate all important Vercel env vars immediately - especially npm, GitHub, API, and deployment tokens 2. Review and remove unnecessary connected apps - remove context.ai from Google Workspace accessed apps - revoke Vercel/GitHub integrations Why this matters if you are in #Web3/#Crypto: Vercel hosts hundreds of DeFi frontends, and stolen CI/CD credentials could enable wallet-drainer injection at scale! ⚠️ 1/ Affected Impact 2/ Root Cause 3/ Long term solution
We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems, impacting a limited subset of customers. Please see our security bulletin: vercel.com/kb/bulletin/ve…
BNB Chain @BNBCHAIN
3.9M Followers 647 Following The blockchain with superior distribution and deep liquidity, built for global markets and the next billion users. Build your AI agents with BNBAgent SDK 👇
Trust Wallet @TrustWallet
4.3M Followers 428 Following The #1 self-custody wallet. Swap, trade perps, predict & more 👇 Official Announcement Group🔗: https://t.co/f2gsyXHQy1
Wombat Exchange 🐻�... @WombatExchange
82K Followers 231 Following 🐻 The only multi-chain and cross-chain, single-sided DEX 🔁 Swap on 20+ chains. Yield Farming. Fiat On-ramp. Perp DEX and more 🔗 https://t.co/BLWbbx02n9
Venus Protocol @VenusProtocol
228K Followers 390 Following Lend, Borrow & Earn on the #1 Multichain Decentralized Money Market. Official Telegram: https://t.co/FpFHB0JeRS
Magpie @magpiexyz_io
127K Followers 900 Following Mega DAO integrated with @Pendle_fi, @eigenlayer, @lista_dao, @babylonlabs_io and @HyperliquidX
tombi2 @tombi26
89 Followers 1K Following
DS @DS27094263
0 Followers 86 Following
Kevin Carlisle @punk7954
21K Followers 312 Following Mexico-based producer covering quantum computing, AI, and robotics. Tips, signals, and future tech stories welcome. Bylines: @BeaconLayerPod
Sulex @Sulex1195241044
0 Followers 28 Following
Malgosia Wisniewska @margowdkek
0 Followers 21 Following
Cindy Villanueva @cindylhiam01
2 Followers 18 Following
CEO Spaecx @CEOSpaecx
2 Followers 126 Following
Canopy Token @CANOPYToken
223 Followers 129 Following 🌲 BEP-20 reforestation token on @BNBCHAIN 3% of every trade → verified NGOs Coinsult audited · KYC verified · LP locked https://t.co/pYwnx8fTMt
Afrobytes @AfroGigabyte
61 Followers 565 Following Sleep Mode⚡ Don’t change the line when it gets uncomfortable!
☬𝐕𝐄𝐍𝐎�... @ZlRbV0eUl527982
0 Followers 20 Following
joeycli @joeycli1
0 Followers 43 Following
R K D @R_K_Dundoo
1 Followers 58 Following
Joe Han @hanyizhou888
5 Followers 41 Following
Shamiro Whehest @whehest56794
0 Followers 23 Following
Not Reevs musk @ReevsM0
3 Followers 43 Following Building the future, one impossible idea at a time. 🚀 and Creating with purpose beyond profit.
Arcanum @aliasCasperFI
109 Followers 498 Following
Levi Epps official @levieppsoficiaL
200 Followers 3K Following 👑Rich Life Mentor | Investor | Speaker 🤲Helping 800+ people create their Rich Life 💎Dm me “Rich Life” to work w/ me
Kamzg south @Kamzysouthnn
0 Followers 54 Following
Leevi Lover @Loverboiiix13
5 Followers 79 Following
محفوظ النعم... @ManyAln63240
28 Followers 420 Following
Breach Lab @Breachlab_
3 Followers 49 Following Estudiante de redes y sistemas que publica lo que aprende (y lo que rompe) en el lab. Ruta: ASIR → SysAdmin →Ciberseguridad
Lacramioara Anutii @lacrianutii3
498 Followers 239 Following Integrata de lana SA Suceava, studi preuniversitare contabilitate primara, engleza primara, tehnoredactare
RTP @RonTag62
221 Followers 5K Following Civil Engineer - Entrepreneur - Financial Markets & Horse Racing Fan
MucızeWORK @MucizeWork
33 Followers 95 Following Web projeleri, AI destekli araçlar ve veri çözümleri üretiyorum. Mucize Work Ekosistemi’ni birlikte büyütelim → https://t.co/PlvVYZ9t9Y
Dawn @DawnF628630
2K Followers 755 Following Hi Everyone. I love Trump and Elon!! I love listening to intelligent men speak in Spaces. 🚀💯🥰💖
Ryan Moore @RyanMoore695153
130 Followers 1K Following hit me up I'm single but don't come with no fuck shit in a relationship
akshit kumar @akshitk32670059
12 Followers 67 Following
Selma Sanchez @SalmaGodson
232 Followers 2K Following Crypto Enthusiast 📈📉📊 Long-term investor focused on building wealth through strategic asset.
Ugwu Kenneth🔋DrQug... @Qoficiall
130 Followers 2K Following Medical Radiotherapist 😩😩# N/🩻🚀forex and crypto traderhttps://t.me/qugotrades📊📈focusing on blockchain innovations Ai Tech and robotic !!!
David Harris @DavidHarri19522
2 Followers 10 Following
Frank @Frank0468158221
0 Followers 5 Following
Samrat Bhusal @BhusalSamr31833
2 Followers 27 Following
NoAlc Coin | $NOALC �... @NoalcCoin
8 Followers 8 Following 🟢 🌐 Internet-native crypto community promoting discipline and balance via decentralized innovation. $NOALC ⚡ Powered by Pumpnetic https://t.co/lTe3anRxtC
No Sugar Coin | $NSGC... @NoSugarCoin
62 Followers 33 Following 🟢 ⛓️ Internet-native Web3 ecosystem inspired by discipline, consistency, and decentralized innovation. $NSGC ⚡ Powered by Pumpnetic https://t.co/N4Jeb3OWjb
I Know What You Did O... @IkwydCoin
8 Followers 11 Following 🟢 ⛓️ Inspired by transparent markets, on-chain activity, and decentralized communities. $IKWYD ⚡ Powered by Pumpnetic https://t.co/tq9GmC2Js1
Pumpnetic @pumpnetic
26 Followers 66 Following 🟢🛠️ Building scalable blockchain ecosystems, Web3 infrastructure, and open digital platforms for the next generation of internet-native communities. ⚡⚡
Ghost Ghost @GhostGhost88429
2 Followers 9 Following
Moin khan @Moinkha67056972
0 Followers 43 Following
Sinan Mohammed PP @siiiiiiiiiiinan
55 Followers 515 Following
CZ 🔶 BNB @cz_binance
11.7M Followers 1K Following Buy the book (proceeds go to charity): English: https://t.co/UxgYxYJ3NF Chinese: https://t.co/ItFd8FEyuK @binance @BNBchain @YZiLabs @GiggleAcademy
Binance @binance
16.0M Followers 570 Following The world’s leading blockchain ecosystem and digital asset exchange | #Binance #BNB | Support: @BinanceHelpDesk | Posts are not directed towards UK users.
BNB Chain @BNBCHAIN
3.9M Followers 647 Following The blockchain with superior distribution and deep liquidity, built for global markets and the next billion users. Build your AI agents with BNBAgent SDK 👇
CoinMarketCap @CoinMarketCap
7.1M Followers 595 Following #CMC is the world’s most trusted source for crypto data & insights. Have a question about crypto? Ask https://t.co/54uUtCsuxw
Trust Wallet @TrustWallet
4.3M Followers 428 Following The #1 self-custody wallet. Swap, trade perps, predict & more 👇 Official Announcement Group🔗: https://t.co/f2gsyXHQy1
PancakeSwap @PancakeSwap
2.1M Followers 311 Following Everyone's favorite DEX. Swap, trade, and earn across 10+ chains.
ZachXBT @zachxbt
1.0M Followers 2K Following Scam survivor turned 2D investigator, Advisor @paradigm
Lista DAO @lista_dao
348K Followers 552 Following Lista Intelligence: Where Smart Liquidity Meets Infinite Possibilities.
CertiK @CertiK
557K Followers 1K Following The largest crypto security provider. Smart contract audits, on-chain monitoring, penetration testing & more. ➕ @CertiKCommunity 🚨 @CertiKAlert
Wombat Exchange 🐻�... @WombatExchange
82K Followers 231 Following 🐻 The only multi-chain and cross-chain, single-sided DEX 🔁 Swap on 20+ chains. Yield Farming. Fiat On-ramp. Perp DEX and more 🔗 https://t.co/BLWbbx02n9
SafePal - Crypto Wall... @SafePal
721K Followers 2K Following Non-custodial wallet suite backed by @animocabrands @Binance @Superscrypt Mobile, Hardware, Desktop 30M Users, 16 languages, 200+ chains DeFi & CeFi Super Hub
Binance Wallet @BinanceWallet
2.9M Followers 283 Following Experience Web3 effortlessly with #Binance Wallet Simple, Secure, Rewarding.
Venus Protocol @VenusProtocol
228K Followers 390 Following Lend, Borrow & Earn on the #1 Multichain Decentralized Money Market. Official Telegram: https://t.co/FpFHB0JeRS
Magpie @magpiexyz_io
127K Followers 900 Following Mega DAO integrated with @Pendle_fi, @eigenlayer, @lista_dao, @babylonlabs_io and @HyperliquidX
Ledger @Ledger
671K Followers 251 Following Free from Compromise. Ledger will never DM you, call you, or ask for your 24 word recovery phrase. Posts under this account are not intended for the UK
etherscan.eth @etherscan
161K Followers 88 Following Providing equitable access to human readable blockchain data.
NFT_Dreww.eth @nft_dreww
13K Followers 2K Following Drew Security Founder/CEO | @BoringSecurity Contributor | Cybersecurity Engineer, Consultant, & Auditor | Opinions are my own
SimpleX Chat @SimpleXChat
20K Followers 522 Following Private, secure and decentralized messaging. The first network where you own your contacts and groups. Get the open-source app: https://t.co/7cmX6RYaiq
UPD.IO | Universal Pr... @UPD_io
3K Followers 62 Following Decentralized, permission-less stablecoin with native post quantum privacy and yield
Christopher Stanley @cstanley
112K Followers 479 Following {title: "Security Engineering", company: 〚"@SpaceX", "@X", “@xAI”〛, education: "M.S Computer Science // Cyber Security"}
Coinpedia @CoinpediaNews
16K Followers 3K Following Your Trusted Source of Crypto News & Analysis. Explore Crypto Events, Markets, Companies,Academy & Product Reviews by Experts. Join-https://t.co/sYN95YYTKR
Diana BNB @diana_bnb
23K Followers 2K Following #BNB Chain BD ✉️ tg @diana_bnb for projects and dev related questions💛 ig @ diana.salvatour | NFA
Rand Group @randgroup
347K Followers 1K Following Trading & Investing. Building @RR2Capital with over 220 early stage investments. Join my +39,000 traders community at https://t.co/H8N3oNrEAK
Trust Squad @TrustSquadmates
8K Followers 108 Following Stay up to date with @TrustWallet community initiatives and announcements here! Powered by Trust Squad, our core community. Join us 👇
ranz jovan @ranzjovan
512 Followers 2K Following
48 Club (Est. '17) @48Club_Official
12K Followers 52 Following Make @BNBChain Easier to Use, for $KOGE Holders. Use https://t.co/RTWjGTVKHN for privacy protection CA: 0xe6DF05CE8C8301223373CF5B969AFCb1498c5528
Aster 🥷 @Aster_DEX
308K Followers 119 Following The Next-Gen Perp DEX for All Traders Backed by @yzilabs https://t.co/EF7uEmCGFa
Eowyn @EowynChen
54K Followers 477 Following 👨👩👦 Wife, mother, truth-seeking learner 🤓. Views are my own and don’t represent any org. 🆓 BE AWARE OF SCAMMERS on X, Telegram - I don’t use Discord. 🚨
FixedFloat⚡️ @FixedFloat
47K Followers 74 Following Instant, fully automatic cryptocurrency exchange with Lightning Network⚡️
Nick Bax.eth @bax1337
8K Followers 2K Following Building @ump_eth Cyclist Bad DM checker Keeping chains safe at @_SEAL_Org 50/50 mix of shitposts and serious 🐦
Cos(余弦)😶�... @evilcos
124K Followers 2K Following Founder of @SlowMist_Team // 分身一号/捉虫大师/救火运动员 // 🕖灾备频道 https://t.co/bMGdsBkYwM
Web3 Antivirus @web3_antivirus
12K Followers 181 Following Real-time Web3 security stack. API & free extension for token validation, transaction filtering and address screening. Trusted by industry leaders.
ddadybayo @ddadybayo
2K Followers 2K Following research & strategy - @unstoppablebyhs | freedom maximalist | 🇰🇬
Unstoppable | Private... @unstoppablebyhs
198K Followers 419 Following Secure wealth, stay private, and go borderless! Unstoppable Wallet https://t.co/cPlYaaTRsY Unstoppable Swap ( BTC XMR ZEC ) https://t.co/Y2fecYqfqV
maker @makebymoney
592 Followers 2K Following
Kaspersky @kaspersky
313K Followers 85 Following Kaspersky is the world’s largest privately held vendor of Internet security solutions for businesses and consumers. For support https://t.co/enRPRUIwcm
Impermax @ImpermaxFinance
12K Followers 573 Following The Lending Protocol For Market Makers Discord: https://t.co/m1nIucs2P0
Malwarebytes @Malwarebytes
88K Followers 1K Following All-in-one cybersecurity that's always by your side. Need support? @SupportMWB
TenArmorAlert @TenArmorAlert
3K Followers 21 Following Real-Time On-Chain Attack & Vulnerability Detection | Smart Contract Audits & Response
Scam Sniffer | Web3 A... @realScamSniffer
90K Followers 46 Following Crypto Anti-Scam🛡️ | User-safety advocate 🌐 🧩 Extension: https://t.co/How2d4sL8b 📲 | ✈️ TG: https://t.co/qbfM5Z44mZ
Security Alliance @_SEAL_Org
21K Followers 100 Following Securing the future of crypto | Cover art by @yueko__ | Emergencies: https://t.co/DAAyAETsY4
Pocket Universe 🟣 @PocketUniverseZ
84K Followers 136 Following The browser extension that protects you from scams and wallet drainers. Protecting 180K+ ppl and $1b+ assets. Get $30,000 USDC coverage
Wallet Guard @wallet_guard
55K Followers 2K Following Web3 security advocates. Preventing crypto theft with our security engine. Now fully integrated with @MetaMask 🦊
0xSaiyangod @saiyangod
1K Followers 2K Following CTO of W3bSecOps @wallet_guard @pocketuniverseZ @_SEAL_Org @Intell_On_chain @FairSideNetwork 正义
Eve @evelinaforesta
578 Followers 245 Following Crypto fan by day, security geek by night. Unraveling blockchain mysteries and stopping hackers with a side of memes!
BounceBit @bouncebit
231K Followers 20 Following Enabling real yield with RWA // $₿₿ Backed by @blockchaincap @yzilabs @BreyerCap
PinkSale (Pink Ecosys... @pinkecosystem
120K Followers 91 Following We "Pink" #DeFi with our Ecosystem: https://t.co/jF1YXa5Jst (decentralized launchpad) Please contact us on Telegram for urgent cases: https://t.co/4ESSQ4z6R7
Radiant Capital @RDNTCapital
110K Followers 713 Following Radiant is building the first omnichain money market atop LayerZero.
Biswap @Biswap_Dex
284K Followers 153 Following Multichain V3 #DEX on #BNB, #Ethereum, #Base & #Arbitrum. Swap, provide liquidity, earn 80% LP rewards from swaps & limit orders with 0% fee. https://t.co/jddvnFLDMT
Tranchess @Tranchess
43K Followers 58 Following Enhancing Returns with Leveraged Points and Stable Yield on #ETH #BNBChain $CHESS Telegram: https://t.co/iOYZVfBzE6 Discord: https://t.co/H3IkXhgh3I
Beefy @beefyfinance
259K Followers 146 Following THE Yield Optimizer. The easiest way to earn more crypto. Autocompound tokens on Beefy | https://t.co/wcEPCGUhv4 | https://t.co/18UehEL4XM
Stader Labs @staderlabs
96K Followers 654 Following 🧘♂️ Non-custodial & secure liquid staking 🔰 Live on Ethereum, Polygon, BNB & Hedera 🔗 https://t.co/1pJvBHvKxk
ACryptoS.com ⚔️ @acryptosdao
25K Followers 91 Following Advanced Crypto Strategies DAO 🥇Yield Optimizer | Automated Liquidity Management for 1️⃣ Conc. Liquidity 2️⃣ Single-token Vaults https://t.co/NlO8KsGCFD
Linear Finance @LinearFinance
96K Followers 72 Following A decentralized, multi-chain trading hub for perpetuals, synthetics, and P2P, all in one seamless ecosystem. Contact: https://t.co/Hkb0eZPOfSYou might like
