Web3 Attack Vectors.

Cataloged smart contract attack patterns: reentrancy, oracle manipulation, flash loans, MEV, front-running, and the rest of the bestiary.

Filter
Showing 9 of 9
Flash loan attacks: anatomy of nine-figure DeFi exploits
Web3 Attack VectorsApr 29, 2026·37 min

Flash loan attacks: anatomy of nine-figure DeFi exploits

How flash loans amplify oracle, donation, and reentrancy bugs into $200M+ DeFi exploits — Cetus, Penpie, KyberSwap, UwU Lend case studies plus defenses that hold.

Read
DAO governance attacks: how flash loans and vote manipulation drain treasuries
Web3 Attack VectorsMar 23, 2026·21 min

DAO governance attacks: how flash loans and vote manipulation drain treasuries

How attackers exploit DAO governance with flash loans, EVM opcode injection, and quorum exhaustion — plus audit strategies and defense architectures.

Read
Oracle manipulation in DeFi: how price feeds become attack vectors
Web3 Attack VectorsMar 18, 2026·11 min

Oracle manipulation in DeFi: how price feeds become attack vectors

How attackers exploit oracle price feeds in DeFi using flash loans, AMM imbalances, and governance subversion — with defense patterns for protocol architects.

Read
How to protect your DeFi protocol from MEV: A full-stack defense guide
Web3 Attack VectorsMar 16, 2026·12 min

How to protect your DeFi protocol from MEV: A full-stack defense guide

Learn how to defend your DeFi protocol from sandwich attacks and MEV extraction with PBS, encrypted mempools, intent architectures, and Uniswap v4 hooks.

Read
How to Prevent Front-Running in ERC20 Smart Contracts
Web3 Attack VectorsMay 21, 2024·11 min

How to Prevent Front-Running in ERC20 Smart Contracts

Learn how to prevent front-running in ERC20 smart contracts using safer allowance methods and secure coding practices. Protect your tokens from exploits.

Read
Overflow & Underflow in Solidity: Real Audit Findings, Code Examples & Practice Exercise
Web3 Attack VectorsJun 13, 2023·19 min

Overflow & Underflow in Solidity: Real Audit Findings, Code Examples & Practice Exercise

Learn about overflow and underflow vulnerabilities in Solidity with real high and medium severity audit findings, code examples, and an exercise to practice.

Read
Real-Life Denial of Service Attacks on Smart Contracts
Web3 Attack VectorsApr 26, 2023·10 min

Real-Life Denial of Service Attacks on Smart Contracts

Explore real-life examples of Denial of Service (DoS) attacks on smart contracts found in audit contests. Learn about DoS caused by underflow, gas limits, nonReentrant modifiers, external calls, and malicious receivers.

Read
Phishing Attack in Web3: Why You Should Never Use tx.origin
Web3 Attack VectorsMar 7, 2023·6 min

Phishing Attack in Web3: Why You Should Never Use tx.origin

Learn why using tx.origin for authorization in Solidity is vulnerable to phishing attacks, how attackers exploit it, and how msg.sender prevents it.

Read
Reentrancy Attacks in Solidity — Understand Them and Prevent Them
Web3 Attack VectorsFeb 28, 2023·11 min

Reentrancy Attacks in Solidity — Understand Them and Prevent Them

Learn what reentrancy attacks are in Solidity smart contracts, how attackers exploit them, and three prevention techniques including noReentrant modifiers, Checks-Effects-Interactions pattern, and GlobalReentrancyGuard.

Read