Written by Cyfrin
Published on May 7, 2025

Cyfrin's Blockchain Security and Education Newsletter: May 2025

New web3 dev course, major smart contract hacks, audit insights, Aderyn updates, and essential secure coding tips for blockchain developers.

Just launched: ZKsync, Circle, and Cyfrin’s Full-Stack Web3 Crash Course! Learn to build blockchain-powered apps in just 8 hours and kickstart your journey as a full-stack web3 developer.


Read on for the month's update from Cyfrin, security news, and industry insights. 

From Cyfrin’s world

Aderyn v0.0.35 is live, featuring Hardhat/Soldeer support, faster startup, better false positive handling, and GitHub CI integration to catch issues before merging.

A screenshot of Aderyn’s terminal interface showing smart contract analysis with detected issues and GitHub links.

And if you want to be a top security researcher, the Solodit Checklist Explained series teaches you how to:

High-profile hacks and security incidents

Mantra ($5.5B): 17 wallet addresses moved $227M to exchanges, causing the OM token to plunge in value by 90%, fueling rumors of a classic rug pull and causing community outrage.

BTC ($330M): An elderly user was tricked into sending 3,520 BTC in a targeted phishing attack; funds were rapidly laundered through Monero.

UPCX ($70M): Attackers compromised the ProxyAdmin contract to add a backdoor, draining 18.4M UPC tokens. The stolen funds remain in a known wallet, unmoved, as the investigation continues.

KiloEx ($7.5M): A price oracle exploit allowed an attacker to manipulate asset prices and profit by opening and closing leveraged positions. The funds were returned, and KiloEx pledged full compensation plus a bonus APY for stakers.

KiloEx’s Oracle exploit logic; Source: QuillAudits


Loopscale ($5.8M): A vault pricing flaw on Solana allowed an attacker to drain funds. $2.8M was later returned under a whitehat bounty deal.

BTCM App ($1M+): A logic flaw in the overPaper function is allowing hackers to withdraw funds repeatedly. The exploit is ongoing, with assets being transferred across chains.

Industry news and resources

49% of vulnerable smart contracts are hacked within 30 days of deployment. See why pre-deployment security is critical.

A line graph comparing median and mean exploit times for smart contracts from 2020 to 2024, showing a sharp decline in attack speed.
Median vs. Mean Exploit Timelines: Annual Metrics (2020-2024); Source: Time-to-Hack


Protect your treasury with this multisig checklist to safeguard signer keys and stay audit-ready.

Master spec thinking to uncover hidden risks and speed up audits with fuzzing and formal verification.

Vitalik Buterin maps a pragmatic path for faster, more secure L2 finality by blending optimistic, ZK, and TEE proofs.

A hidden flaw in ETH validator deposit contracts could let attackers steal staked funds. Learn the defenses every developer must know.

Wallet bugs could silently drain your crypto without you even clicking.

LLMs won't replace audit tools, but can turbocharge PoC builds and reports.

Protocols recruit talent with Updraft Certifications

Schedule your certification exam today!

Start learning smart contract development and security on Cyfrin Updraft.

Participate in competitive audits on CodeHawks.
