Exploit Analysis
August 11, 2025
Real-time lessons from BigONE Exchange $27M supply chain attack
When your security is only as strong as your weakest vendor. On 16th July 2025, the BigONE exchange lost $27M in a sophisticated supply chain attack that compromised hot wallet logic through third-party software. The attack went undetected initially because it bypassed traditional security measures by manipulating operational code. Real-time behavioral monitoring could have caught the anomalous asset movements within minutes instead of hours.
Chirag Agrawal
Podcast
August 5, 2025
Decoding 2025's biggest web3 hacks: lessons & trends
This X Spaces discussion hosted by QuillAudits brought together leading security experts from across the Web3 ecosystem, including Guardrail Founder, Samridh Saluja, to discuss the alarming trend of security breaches in early 2025. The conversation focused on the three major attack vectors responsible for 95% of funds lost: access control issues, social engineering attacks, and infrastructure vulnerabilities.
Samridh Saluja - Founder at Guardrail
Podcast
August 1, 2025
Trident Talks podcast: Black Hat Spotlights with Samridh Saluja
Guardrail CEO Samridh Saluja discusses how Web3's unique challenges—from open source code to immutable transactions—require a fundamental shift from traditional auditing to continuous, real-time security monitoring. With hacks growing larger while mitigation costs decrease, the security landscape is evolving toward automated, AI-powered protection that adapts faster than threats evolve.
Samridh Saluja - Founder at Guardrail
Exploit Analysis
July 25, 2025
Lessons from Arcadia Finance exploit and how real-time alerts could have saved $3.5M
On 15th July, Arcadia Finance lost $3.5M to an exploit that turned the protocol's own safety mechanism against it. The attack began at 4:05 AM, but the team's emergency response didn't start until 4:25 AM, a critical 20-minute window where real-time security monitoring could have blocked the attack in under 2 minutes.
Chirag Agrawal
Exploit Analysis
July 14, 2025
Lessons from the Resupply exploit and how real-time monitoring could have saved $9.6M
How a classic donation attack exploited a newly deployed vault in 90 minutes. In June 2025, Resupply lost $9.6M to a donation attack on a newly deployed, empty vault. The attacker used a $4K flash loan to donate funds, minted 1 wei of shares, and used it as collateral to borrow the protocol's entire treasury. This preventable attack highlights why proper vault initialization matters.
Chirag Agrawal
News
July 2, 2025
Migrating from OpenZeppelin Defender to Guardrail’s real-time smart contract monitoring
OpenZeppelin Defender is a monitoring and automation platform launched by OpenZeppelin to provide infrastructure for smart contract security, automated responses, and operational workflows. Building within the OZ ecosystem, Defender offers teams a ground-up platform for managing their protocol security.
Chirag Agrawal