Updraft’s new learning experience is live! Enjoy smarter course navigation to help you learn faster, official proficiency exams to prove your skills, and new courses to level up your capabilities.
Read on for the month's update from Cyfrin, security news, and industry insights.
Introducing Wise Signer: Learn to verify wallet transactions, step by step, and always know exactly what you're signing.
New courses:
CodeHawks Eagle success story: In under a year, 0x539.eth went from web2 explorer to securing billions as an elite smart contract auditor.
Insights to level up your blockchain security skills and knowledge:
From the Solodit Checklist Explained series:
Cetus Protocol ($223M): An attacker spoofed tokens and warped AMM curve logic to drain the contract, crashing Sui’s token price by over 90% and forcing a full contract shutdown.
Cork Protocol ($12M): An attacker exploited fallback logic in exchange rate checks to mint fake tokens, draining 3,762 wstETH and converting them to 4,530 ETH in under 17 minutes.
Mobius Token ($2.1M): An unverified contract with faulty math allowed an attacker to mint 9.7 quadrillion tokens for pennies, then dump them for USDT, raising strong signs of a rug pull.
LNDFi ($1.18M): A stealthy code tweak gave admin keys the power to drain funds. No multisig, no safeguards, just a 41-day ticking time bomb hiding in plain sight.
Emulating North Korea’s billion-dollar Bybit heist: from macOS malware and AWS pivots to static site tampering! Learn how to detect the same tactics and see how the hack unfolded >
Guardian Audits uses invariant fuzzing to catch vault-breaking bugs the moment they appear. Explore how >
Solana isn't Ethereum! Missing signer checks or account validation can open serious vulnerabilities. Learn why it matters >
Fuzzing top Ethereum clients revealed 40+ hidden bugs, from gas miscalculations to stack issues. See what they found >
Lending protocols hold over $50B in DeFi, but design flaws can turn yield into risk. Watch out for these red flags >
The DeFi Security Summit surfaced today’s top threats, from social engineering to smart contract flaws. Dive into the insights >
Web2 bugs in web3 systems can crash dApps, leak keys, and trigger costly exploits. Learn how to catch them >
A fuzzing run on Beraborrow exposed a critical bug that slipped past manual reviews. Discover how >
Schedule your certification exam today!