DeFi & Smart Contract
Security Research Lab

Manual code audits, formal verification, ZKP circuit review, and active fuzzing, from a Berlin-based researcher with a published CVE track record and hands-on DeFi exploit experience.

Recent Security Incidents

April 10, 2026

Resolv Labs Security Incident

Resolv Labs - Rekt (Tuesday, April 7, 2026) - Private Key Leak - Supply Chain Attack. Three hundred thousand dollars walked into a protocol holding $141 million. Eighty million unbacked stablecoins walked out. The official post-mortem would later reveal a supply chain attack: the breach began not inside Resolv, but at a third-party project where a contractor had previously worked.

April 7, 2026

Russia Hacked Routers to Steal Microsoft Office Tokens

Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.

April 6, 2026

Germany Doxes "UNKN," Head of RU Ransomware Gangs REvil, GandCrab

An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021.

March 23, 2026

'CanisterWorm' Springs Wiper Attack Targeting Iran

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.

March 20, 2026

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets -- named Aisuru, Kimwolf, JackSkid and Mossad -- are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline.

March 18, 2026

Venus Protocol Rekt IV

Venus Protocol - Rekt IV (Wednesday, March 18, 2026) - Supply Cap Manipulation. Nine months of patience. One dismissed audit finding. And a protocol that had already absorbed $717,000 in bad debt from a donation-style exploit on its own ZKSync deployment twelve months earlier. On March 15, 2026, an attacker who had spent nine months quietly accumulating 84% of Venus Protocol's supply cap for the Thena token executed a Mango Markets-style price manipulation attack on BNB Chain, bypassing the cap entirely through a donation attack, running a recursive borrow loop against thin liquidity, and extracting $3.7 million in borrowed assets before the position imploded into $2.15 million in bad debt.
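
Added illustration of the donation class named in the item above, written in Python for this page. It is not Venus Protocol's code and does not claim to reproduce the Thena market's arithmetic. A Compound-style market checks its supply cap only inside mint() and reads "cash" from the raw token balance, so a direct token transfer raises the exchange rate, inflates the attacker's collateral, and pushes the market past its cap without ever reaching the check. The hardened variant keeps an internal cash ledger that only the mint path credits. The cap, deposit, donation, probe amount, collateral factor and account names are assumed values.

```python
from collections import defaultdict


class Token:
    """Minimal ERC-20-like ledger keyed by account name (constructed for this example)."""

    def __init__(self, initial):
        self.balances = defaultdict(int, initial)

    def transfer(self, src, dst, amount):
        if self.balances[src] < amount:
            raise ValueError("insufficient balance")
        self.balances[src] -= amount
        self.balances[dst] += amount


class Market:
    """Compound-style market: depositors hold shares redeemable at exchange_rate.
    supply_cap is denominated in underlying and is checked only inside mint().
    cash() reads the raw token balance, so a donation changes the rate and the
    cap accounting without going through mint()."""

    name = "market"
    COLLATERAL_FACTOR = 0.5  # assumed

    def __init__(self, token, supply_cap):
        self.token = token
        self.supply_cap = supply_cap
        self.shares = defaultdict(float)
        self.total_shares = 0.0

    def cash(self):
        return self.token.balances[self.name]  # vulnerable: donations count as cash

    def exchange_rate(self):
        return 1.0 if self.total_shares == 0 else self.cash() / self.total_shares

    def mint(self, user, amount):
        if self.cash() + amount > self.supply_cap:
            raise ValueError("supply cap exceeded")
        new_shares = amount / self.exchange_rate()  # priced before cash moves
        self.token.transfer(user, self.name, amount)
        self._credit_cash(amount)
        self.shares[user] += new_shares
        self.total_shares += new_shares

    def _credit_cash(self, amount):
        pass  # raw-balance version keeps no ledger of its own

    def borrow_limit(self, user):
        return self.shares[user] * self.exchange_rate() * self.COLLATERAL_FACTOR


class HardenedMarket(Market):
    """Same market, but cash is an internal ledger updated only by protocol
    paths (here: mint). Donated tokens sit in the contract without moving
    the exchange rate or counting toward the cap."""

    def __init__(self, token, supply_cap):
        super().__init__(token, supply_cap)
        self._cash = 0

    def cash(self):
        return self._cash

    def _credit_cash(self, amount):
        self._cash += amount


def scenario(market_cls, cap=1000, deposit=800, donation=1000, probe=100):
    """Mint up to the cap, donate directly, then try one more honest-sized mint."""
    token = Token({"attacker": deposit + donation + probe})
    market = market_cls(token, cap)
    market.mint("attacker", deposit)                   # passes the cap check
    token.transfer("attacker", market.name, donation)  # donation: no mint, no check
    result = {
        "rate": market.exchange_rate(),
        "supplied": market.cash(),                     # what the protocol thinks backs shares
        "over_cap": market.cash() > market.supply_cap,
        "borrow_limit": market.borrow_limit("attacker"),
    }
    try:
        market.mint("attacker", probe)
        result["next_mint_blocked"] = False
    except ValueError as exc:
        result["next_mint_blocked"] = str(exc) == "supply cap exceeded"
    return result


if __name__ == "__main__":
    print("raw-balance market:", scenario(Market))
    print("ledger market:     ", scenario(HardenedMarket))
```

In the raw-balance market the donation more than doubles the attacker's borrowing power and leaves the market over its cap, while the next honest deposit is refused because the cap check now sees the donated cash. The ledger version prices shares and enforces the cap on tokens that actually entered through the protocol, which is the property a supply cap is supposed to guarantee.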

March 13, 2026

Aave Security Incident

Aave - Rekt (Friday, March 13, 2026) - Liquidation - Configuration Error. $27.78 million (10,938 wstETH) in healthy positions liquidated: not by a hacker, not by a market crash, but by Aave's own anti-manipulation system, misfiring on the people it was built to protect.

March 11, 2026

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to the five zero-days patched in February), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this month's Patch Tuesday.

March 11, 2026

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.

March 10, 2026

Solv Security Incident

DeFi / Crypto - $2.73 million drained from Solv's BRO vault. A callback fired before the books balanced, minting the same deposit twice across 22 loops and turning 135 BRO into 567 million, all inside a single transaction. The contract was unaudited and had no bug bounty coverage; losses were covered by the team, and the attacker exited to Tornado Cash.
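
Added illustration of the ordering bug in the item above, written in Python for this page; it is not Solv's code and is not a reconstruction of the BRO vault. The vulnerable vault credits whatever token balance arrived since its last bookkeeping pass, then notifies the receiver, and only afterwards records the new balance, so a receiver that re-enters deposit() during the notification is credited for the same tokens on every loop. The hardened vault records the balance before the notification and refuses re-entrant calls. The 1:1 share price, the loop count, the amounts and the account names are assumptions.

```python
from collections import defaultdict


class Token:
    """Minimal ERC-20-like ledger keyed by account name (constructed for this example)."""

    def __init__(self, initial):
        self.balances = defaultdict(int, initial)

    def transfer(self, src, dst, amount):
        if self.balances[src] < amount:
            raise ValueError("insufficient balance")
        self.balances[src] -= amount
        self.balances[dst] += amount


class VulnerableVault:
    """Credits the untracked balance delta as a deposit, notifies the receiver,
    and records the balance last. The notification is the reentrancy point."""

    name = "vault"

    def __init__(self, token):
        self.token = token
        self.recorded = 0  # token balance the vault has already accounted for
        self.shares = defaultdict(int)
        self.total_shares = 0

    def deposit(self, receiver):
        delta = self.token.balances[self.name] - self.recorded  # "what just arrived"
        self.shares[receiver.name] += delta  # 1:1 share price, assumed
        self.total_shares += delta
        receiver.on_shares_minted(self, delta)  # interaction before the effect
        self.recorded = self.token.balances[self.name]  # books balanced too late


class SafeVault(VulnerableVault):
    """Checks-effects-interactions plus a reentrancy guard."""

    def __init__(self, token):
        super().__init__(token)
        self._entered = False

    def deposit(self, receiver):
        if self._entered:
            raise RuntimeError("reentrant call")
        self._entered = True
        try:
            delta = self.token.balances[self.name] - self.recorded
            self.recorded = self.token.balances[self.name]  # effect first
            self.shares[receiver.name] += delta
            self.total_shares += delta
            receiver.on_shares_minted(self, delta)  # interaction last
        finally:
            self._entered = False


class Attacker:
    """Receiver that re-enters deposit() from the mint notification."""

    name = "attacker"

    def __init__(self, loops):
        self.loops = loops
        self.reentered = 0

    def on_shares_minted(self, vault, _shares):
        if self.reentered < self.loops:
            self.reentered += 1
            try:
                vault.deposit(self)
            except RuntimeError:
                pass  # guard fired; swallow so the outer deposit still completes


def run(vault_cls, deposit=135, loops=22):
    """One real transfer, one deposit call; return (attacker shares, total shares)."""
    token = Token({"attacker": deposit})
    vault = vault_cls(token)
    attacker = Attacker(loops)
    token.transfer("attacker", vault.name, deposit)
    vault.deposit(attacker)
    return vault.shares[attacker.name], vault.total_shares


if __name__ == "__main__":
    print("vulnerable:", run(VulnerableVault))
    print("safe:      ", run(SafeVault))
```

With 22 re-entries the vulnerable vault credits the single 135-token deposit 23 times; the safe vault credits it once and the re-entrant call fails at the guard. The guard alone would stop this attacker, but the reordering is the real fix: a vault that derives deposits from balance deltas must commit the delta before handing control to anyone else.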

Security Research

vorbis-tools โ€” oggenc 1.4.3

CVE Pending: SIGSEGV in oggenc 1.4.3 (vorbis-tools) via Crafted WAV File

Medium Public
April 10, 2026

A crafted WAV file triggers a null pointer dereference / segmentation fault (SIGSEGV) in oggenc 1.4.3, crashing the encoder unconditionally. Reproducible with a single Python command. No user interaction beyond passing the file to oggenc is required. CVE requested โ€” assignment pending.

CVE - pending assignment
Wings3D 3D Modelling Software - v2.4.1

CVE: Unhandled IEEE754 Special Values in Wings3D 2.4.1 OBJ Parser

Medium Public
March 31, 2026

A crafted Wavefront OBJ file containing IEEE754 special float values (nan, inf, -inf) or overflow exponents (1e999) in vertex coordinate fields causes Wings3D to crash immediately on import. Root cause: the Erlang function str2float_2/2 in e3d_obj.erl (line 391) uses pattern matching with no clause for IEEE754 special value strings, raising an unhandled function_clause exception that unwinds the BEAM VM call stack and terminates the import. All unsaved user work is lost. Vendor notified: sourceforge.net/p/wings/bugs/252/

CVE
Scribus Desktop Publishing Software - v1.6.5

CVE: Uncontrolled Resource Consumption in Scribus 1.6.5

Medium Public
March 26, 2026

A crafted .sla project file with extreme numeric geometry values (PAGEWIDTH, HEIGHT, BORDERLEFT, etc.) causes Scribus to enter an infinite loop during layout containment checking, consuming 99% CPU and triggering a system-wide memory pressure cascade. No user interaction beyond opening the file is required. Root cause: geometry fields are read directly into Qt structures (QRect, QRegion) without upper or lower bounds enforcement.
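
The Wings3D and Scribus findings above share one root cause: a numeric field is converted and handed to downstream code without checking that the value is finite and within a range the application can actually handle. The following Python parser is an added example for this page (not Wings3D's Erlang, not Scribus's Qt code) of how an importer should treat such fields: it parses Wavefront OBJ vertex records, rejects nan, inf, -inf and overflowing exponents like 1e999 (which float() silently turns into inf), and rejects finite values outside an assumed magnitude bound, reporting the line number instead of aborting the import. The same parse_bounded_float check is what geometry fields such as PAGEWIDTH or HEIGHT need before they reach a QRect. The bound, the sample inputs and all names are constructed for this example.

```python
import math

MAX_ABS_COORD = 1e6  # assumed sane bound for this example; choose per application


class MalformedInput(ValueError):
    """Raised with a line number instead of crashing the whole import."""


def parse_bounded_float(text, lineno, field, max_abs=MAX_ABS_COORD):
    """Parse one numeric field the way an importer should.

    float() accepts 'nan', 'inf', '-inf' and overflowing exponents such as
    '1e999' (which becomes inf), so the isfinite check is what turns those
    inputs from a crash or an endless layout loop into a clean error.
    """
    try:
        value = float(text)
    except ValueError:
        raise MalformedInput(f"line {lineno}: {field} is not numeric: {text!r}") from None
    if not math.isfinite(value):
        raise MalformedInput(f"line {lineno}: {field} is not finite: {text!r}")
    if abs(value) > max_abs:
        raise MalformedInput(f"line {lineno}: {field} exceeds +/-{max_abs:g}: {text!r}")
    return value


def parse_obj_vertices(obj_text, max_abs=MAX_ABS_COORD):
    """Return (x, y, z) tuples for every 'v' record in an OBJ text.
    Other record types (vn, vt, f, ...) are skipped; only the vertex path is shown."""
    vertices = []
    for lineno, raw in enumerate(obj_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        parts = line.split()
        if not parts or parts[0] != "v":
            continue
        if len(parts) not in (4, 5):  # v x y z [w]
            raise MalformedInput(
                f"line {lineno}: vertex needs 3 or 4 coordinates, got {len(parts) - 1}"
            )
        coords = tuple(
            parse_bounded_float(tok, lineno, f"coordinate {i}", max_abs)
            for i, tok in enumerate(parts[1:4])
        )
        vertices.append(coords)
    return vertices


def check_obj(obj_text, max_abs=MAX_ABS_COORD):
    """None when the text is acceptable, otherwise the rejection reason."""
    try:
        parse_obj_vertices(obj_text, max_abs)
    except MalformedInput as exc:
        return str(exc)
    return None


# Constructed sample inputs, not taken from any real crash file.
CLEAN_OBJ = "# constructed sample\nv 0.0 1.5 -2.0\nv 1e3 0 0 1.0\nf 1 2 1\n"
HOSTILE_OBJ = [
    "v nan 0 0",
    "v inf 0 0",
    "v 0 -inf 0",
    "v 1e999 0 0",  # overflows to inf inside float()
    "v 0 0 1e7",    # finite, but outside the assumed bound
]

if __name__ == "__main__":
    print(parse_obj_vertices(CLEAN_OBJ))
    for sample in HOSTILE_OBJ:
        print(sample, "->", check_obj(sample))
```

The bound is the part most parsers skip: a value like 1e300 is finite and parses cleanly, but once it reaches integer-based layout code or a rasteriser it produces exactly the runaway loops and memory pressure described for Scribus.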

CVE
Actions Semiconductor - USB VID 10D6

CVE: Unsigned Firmware Update in Actions Semiconductor Platform

Medium Public
February 24, 2026

The firmware update tool (RdiskUpgrade.exe / Production.dll) for all devices using Actions Semiconductor VID 10D6 performs zero cryptographic verification before flashing firmware over USB. An attacker with physical access can permanently compromise any affected device. Covers 12 USB Product IDs across multiple consumer brands. CVE submitted to MITRE, assignment pending.

CVE
Shotcut / MLT Framework

CVE-2025-65834: Buffer Overflow in Shotcut 25.10.31

Medium Public
December 14, 2025

Buffer overflow in Shotcut video editor's MLT Framework image processing pipeline. An attacker can trigger out-of-bounds memory access via a crafted media file. CVE assigned by MITRE.

CVE-2025-65834 - assigned by MITRE

Recent Audits

April 2026 · butterswap.io

Butter Network โ€” Smart Contract Ecosystem Audit

Chains: BSC, Base, Arbitrum, Optimism, Polygon, Linea, zkSync, MAP Relay Chain
Public
Total findings: 8 (2 High, 5 Medium, 1 Low)
TVL: $1.5M (at time of report)
Key finding: swapAndBridge() silently bypasses all fee collection across 7 chains, meaning zero bridge fee revenue since deployment.
Scope: butter-router-contracts, butter-mos-contracts
View Full Report →

Our Services


Smart Contract Audits

Manual line-by-line review of Solidity, Rust, Move, Cairo, and Motoko contracts. Covers reentrancy, access control, oracle manipulation, flash loan vectors, donation attacks, and economic logic flaws.


DeFi Protocol Security

Deep-dive audits for AMMs, lending protocols, bridges, and yield strategies. Specialized detection of TWAP manipulation, exchange rate inflation, cross-chain replay, and liquidation logic errors.


Cryptography & ZKP Audits

SDK-level cryptographic implementation review covering signature schemes, key derivation, RNG, and threshold cryptography. ZKP circuit audits for constraint soundness and under-constrained signal detection.


Formal Verification

Mathematical proof of critical protocol invariants: AMM pricing formulas, interest rate models, liquidation conditions. Custom specs in Certora, TLA+, or Coq depending on your stack.


Fuzzing Campaigns

Active fuzzing with custom harnesses using AFL++, Echidna, and Foundry invariant tests. Full coverage report and reproducible corpus delivered. Particularly effective for parser bugs and boundary conditions.
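
Added example of what an invariant harness looks like in practice, written in Python for this page rather than as an Echidna or Foundry test, and using a constructed router model rather than any audited code. The model has the shape of the Butter Network finding above: a direct bridge path that collects the fee and a swap-and-bridge path that forgets to. The harness drives random sequences of both operations, tracks the fee the protocol should have collected using its own independent arithmetic, and reports the first step at which the protocol's books diverge. The fee rate, the rate range and all names are assumptions.

```python
import random

FEE_BPS = 30  # assumed bridge fee: 0.30% in basis points


class Router:
    """Constructed router with two entry points that both end at the bridge."""

    def __init__(self):
        self.fees_collected = 0
        self.bridged = 0

    def _collect_fee(self, amount):
        fee = amount * FEE_BPS // 10_000
        self.fees_collected += fee
        return amount - fee

    def bridge(self, amount):
        net = self._collect_fee(amount)
        self.bridged += net
        return net

    def swap_and_bridge(self, amount_in, rate_bps):
        amount_out = amount_in * rate_bps // 10_000  # swap leg, rate in bps
        self.bridged += amount_out  # bug: the fee step is skipped on this path
        return amount_out


class FixedRouter(Router):
    """Both paths pass through the same fee step."""

    def swap_and_bridge(self, amount_in, rate_bps):
        amount_out = amount_in * rate_bps // 10_000
        net = self._collect_fee(amount_out)
        self.bridged += net
        return net


def fuzz(router_cls, seed=0, steps=200):
    """Random sequence of operations against router_cls.

    The harness keeps its own tally of the fee owed on every amount that
    reached the bridge leg, independent of the router's bookkeeping, and
    returns the first step at which `fees_collected` disagrees with it
    (None when the invariant held for the whole run).
    """
    rng = random.Random(seed)
    router = router_cls()
    expected_fees = 0
    for step in range(1, steps + 1):
        amount = rng.randint(1, 10**9)
        if rng.random() < 0.5:
            pre_fee = amount
            router.bridge(amount)
        else:
            rate_bps = rng.randint(9_000, 11_000)
            pre_fee = amount * rate_bps // 10_000
            router.swap_and_bridge(amount, rate_bps)
        expected_fees += pre_fee * FEE_BPS // 10_000
        if router.fees_collected != expected_fees:
            return step  # counterexample: shrink from here when debugging
    return None


if __name__ == "__main__":
    print("buggy router first breaks at step:", fuzz(Router))
    print("fixed router breaks at step:", fuzz(FixedRouter))
```

The point of the harness is the independent oracle: the invariant is written in terms of what entered the bridge leg, not in terms of the router's own fee variable, so a path that never calls the fee routine cannot satisfy it by accident. A conservation check such as bridged + fees == total input would pass on the buggy router, because the skipped fee simply becomes bridged volume; the invariant has to encode the business rule, not just that value was not lost.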


Backend & API Security

Security review of backend systems and APIs powering Web3 protocols โ€” authentication, authorization, injection vulnerabilities, and business logic flaws in the off-chain layer.

Security Subscription Plans

Ongoing Security Coverage for DeFi Teams

Three plans built around what DeFi protocols actually need, from automated baseline scanning with human triage to full expert coverage including ZKP audits, formal verification, and active fuzzing campaigns. Plans start at $499/month.

View All Subscription Plans →

Prefer a one-time engagement? We scope every audit individually: no fixed packages, no cookie-cutter reports.

Request a Custom Quote

ISO 27001 Readiness Assessments

EU-Based Security Compliance Services

Specialized readiness assessments for European organizations seeking ISO 27001 certification. We evaluate your information security management system, identify compliance gaps, and provide actionable recommendations to achieve certification faster. Our assessments cover every Annex A control (114 controls across 14 domains under ISO/IEC 27001:2013; 93 controls across four themes under ISO/IEC 27001:2022), including risk assessment, access control, cryptography, and incident management.

Gap Analysis

Comprehensive evaluation of current security posture against ISO 27001 requirements with detailed remediation roadmap.

Control Assessment

Systematic review of every Annex A security control with evidence collection and documentation support.

Implementation Support

Practical guidance on implementing missing controls and building compliant security management systems.

Supported Compliance Frameworks

ISO 27001
Global
Information security management
BSI IT-Grundschutz
Germany
Federal security baseline
NIS2 Directive
European Union
Critical infrastructure
DORA
European Union
Financial sector resilience
Cyber Essentials
United Kingdom
UK government-backed scheme
NIST CSF
United States
Enterprise risk framework
SOC 2 Type II
United States
SaaS trust criteria
GDPR Art. 32
EU / UK
Data processor obligations

Request a Security Audit

Tell us about your project. We scope every engagement individually: no fixed packages, no cookie-cutter reports.

24h Response: custom quote turnaround
NDA First: confidentiality guaranteed
Fixed Price: no surprise billing
audit@bytescan.net

We typically respond within 24 hours with a custom quote based on your project scope and requirements.

Frequently Asked Questions

What smart contract languages do you audit?
We audit Solidity (EVM chains), Rust (Solana, ICP), Move (Sui, Aptos), Cairo (Starknet), Motoko (ICP), and other blockchain-specific languages. We also review the off-chain backend and API layer that interacts with your contracts.
How long does a typical audit take?
A focused smart contract audit typically takes 1-2 weeks depending on codebase size and complexity. Engagements that include formal verification or a full fuzzing campaign run 2-4 weeks. We always scope before committing to a timeline.
What's included in a security audit?
Every audit includes manual code review, automated static analysis with false-positive triage, DeFi-specific vector checks (oracle manipulation, flash loans, donation attacks, reentrancy), CVSS-scored findings, and a written report with remediation guidance. Patch review is included โ€” we verify your fixes before final delivery.
Do you support Immunefi bug bounty programs?
Yes. Our audit reports are formatted to be compatible with Immunefi program setup. We can also help you structure your bounty scope, set severity tiers, and triage incoming reports as part of the Full Spectrum Security plan.
What's your responsible disclosure policy?
We follow industry-standard responsible disclosure: 90-day private disclosure period, coordinated public disclosure with the project team, and proper CVE assignment when applicable. We never publicly disclose vulnerabilities without vendor coordination.
Do you offer subscription-based ongoing coverage?
Yes. Our subscription plans are designed for teams shipping continuously. The Security Baseline plan ($499/month) covers automated scanning with human triage. The Expert Review plan ($1,499/month) adds manual audit hours. The Full Spectrum plan ($3,499/month) includes unlimited work, formal verification, and a dedicated analyst.

Contact Us

General inquiries, partnerships, or media requests.

Email
audit@bytescan.net
Reply within 24 hours
X / Twitter
@Bytescan_
Latest research & updates
Based in
Berlin, Germany
Serving EU, UK & US clients
Response time
Under 24 hours
Mon-Fri, CET timezone