GM Anon!
Welcome to this month’s QuillAudits roundup, where we discuss everything that happened in Web3 security, including recent attacks, our research, and our partnership initiatives.
Month In Review
This month, the Web3 ecosystem witnessed a series of high-impact security incidents resulting in over $100 million in total losses. The attacks targeted DeFi protocols, staking platforms, and infrastructure providers, with exploit vectors ranging from private key compromises and infrastructure breaches to logic flaws and rug pulls.
The largest incidents involved SwissBorg and UXLINK, each losing ~$41 million due to infrastructure and private key compromises, respectively. Both attacks highlighted the ongoing threat of centralized components within decentralized ecosystems. Meanwhile, Bunni V2 suffered an $8.3 million loss from a precision bug in its liquidity accounting logic, and NewGold Protocol was exploited for $2 million through price manipulation tied to a flawed fee and oracle design.
In addition, GriffinAI and Seedify faced key and infrastructure breaches, while HyperVault executed a rug pull, collectively emphasizing the industry’s persistent exposure to both internal and external security risks.
Overall, September 2025 underscored the need for improved operational security, infrastructure hardening, and proactive on-chain monitoring to mitigate losses and rebuild trust across the Web3 landscape.
Audit Stats from September
Featured Blogs
ERC-3643 Explained: T-REX Standard in DeFi
ERC-8004: Infrastructure for Autonomous AI Agents
Top DEX Risks & How Uniswap Addresses Them
Read about Major Hacks from Last Month
Bunni: On Sept 2, 2025, attackers exploited a precision bug in BunniHook’s liquidity accounting to drain ~$8.3M from Ethereum and UniChain pools. By combining flash loans with repeated micro-withdrawals, they manipulated rounding errors in withdraw() to extract excess liquidity. The exploit impacted multiple pools before the protocol halted operations and initiated recovery efforts.
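To make the class of bug concrete, here is a simplified model added for this roundup. It is not Bunni's or Uniswap's code and does not reproduce the BunniHook logic: a generic share-based pool (the `SharePool` class, the 1.5-assets-per-share starting state and the 3,000-asset deposit are all constructed for the illustration) whose two variants differ only in which direction `withdraw()` rounds when the share-to-asset division is inexact.

```python
"""Rounding direction in share-based liquidity accounting.

Added model, not Bunni's or Uniswap's code: a pool that tracks total assets
and total shares with integer arithmetic, as vault- and AMM-style contracts
do. The two variants differ only in which way withdraw() rounds the
share-to-asset conversion when the division is inexact.
"""
from dataclasses import dataclass
from fractions import Fraction


@dataclass
class SharePool:
    total_assets: int
    total_shares: int
    round_payout_up: bool  # True = the flawed variant: rounds in the withdrawer's favour

    def deposit(self, assets: int) -> int:
        """Mint shares for `assets`, rounding shares DOWN (the pool keeps the dust)."""
        if self.total_shares == 0:
            shares = assets
        else:
            shares = assets * self.total_shares // self.total_assets
        self.total_assets += assets
        self.total_shares += shares
        return shares

    def fair_value(self, shares: int) -> Fraction:
        """Exact (unrounded) asset value of `shares` at the current ratio."""
        return Fraction(shares * self.total_assets, self.total_shares)

    def withdraw(self, shares: int) -> int:
        """Burn `shares`; return the assets paid out.

        Safe rule: round the payout DOWN so the pool never pays more than the
        shares are worth. Rounding UP overpays by at most one wei per call,
        which is negligible for one withdrawal but compounds when the same
        position is unwound in many tiny pieces.
        """
        numerator = shares * self.total_assets
        if self.round_payout_up:
            payout = -(-numerator // self.total_shares)   # ceiling division
        else:
            payout = numerator // self.total_shares       # floor division
        self.total_assets -= payout
        self.total_shares -= shares
        return payout


def unwind(pool: SharePool, shares: int, pieces: int) -> int:
    """Withdraw `shares` in `pieces` near-equal chunks; return total assets received."""
    chunk, remainder = divmod(shares, pieces)
    received = 0
    for i in range(pieces):
        received += pool.withdraw(chunk + (1 if i < remainder else 0))
    return received


def compare_rounding(deposit: int = 3_000, pieces: int = 2_000) -> dict:
    """Same deposit, unwound in `pieces` withdrawals under both rounding rules.

    Constructed starting state: 1.5 assets per share, so every one-share
    withdrawal hits an inexact division.
    """
    results = {}
    for label, round_up in (("round_up", True), ("round_down", False)):
        pool = SharePool(total_assets=1_500_000, total_shares=1_000_000,
                         round_payout_up=round_up)
        shares = pool.deposit(deposit)
        fair = pool.fair_value(shares)
        received = unwind(pool, shares, pieces)
        results[label] = {
            "fair": fair,                    # exact value at the moment of withdrawal
            "received": received,
            "overpaid": received > fair,     # the invariant a pool must never violate
        }
    return results


if __name__ == "__main__":
    for label, r in compare_rounding().items():
        print(f"{label}: fair={r['fair']} received={r['received']} overpaid={r['overpaid']}")
```

With the constructed numbers, withdrawing the 2,000 shares in one call pays exactly 3,000 under either rule; unwinding them one share at a time pays 4,000 under round-up (the pool overpays by a third, at the expense of the other LPs) and 2,000 under round-down (the caller eats the dust). The property worth fuzzing in any pool or vault is therefore `received <= fair_value(shares)` across arbitrary sequences of deposits and withdrawals of arbitrary size, not just round-trip tests with whole positions.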
SwissBorg: On Sept 8, 2025, attackers drained ~$41M (≈192,600 SOL) from SwissBorg’s SOL Earn by compromising staking partner Kiln’s API to transfer stake-account authority and perform rapid unstake/withdrawals. The incident affected under 1% of users; SwissBorg paused Solana staking and pledged treasury funds to cover losses while Kiln disabled its APIs during the investigation.
New Gold Protocol: On Sept 17, 2025, NewGold Protocol (BNB Chain) lost ~$2M to a flash-loan exploit. The attacker manipulated a PancakeSwap-based price oracle and abused a flawed 35% fee/transfer mechanism (plus a whitelisted dead-wallet bypass) to drain the BSC-USD liquidity pool, then converted and laundered proceeds via KyberSwap, Across, and Tornado Cash. The protocol later acknowledged the incident, but no full recovery plan was published.
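The oracle side of that incident is the recurring pattern of a protocol reading a DEX pool's spot price, which a flash loan can move arbitrarily within a single transaction. The following simulation is added for this roundup and is not NewGold's or PancakeSwap's code: a toy constant-product pool (`ConstantProductPool`, with constructed reserves and a constructed 99-block price history), a naive spot read beside a TWAP over recorded block prices, and a deviation check of the kind a consumer can use to refuse a manipulated read.

```python
"""Spot price vs. time-weighted average price (TWAP) under a single-block swap.

Added illustration, not NewGold's or PancakeSwap's code: a constant-product
pool x * y = k whose spot price an on-chain consumer might read directly.
Exact rational arithmetic keeps every number checkable by hand.
"""
from dataclasses import dataclass, field
from fractions import Fraction


@dataclass
class ConstantProductPool:
    reserve_token: int                                 # the protocol's own token
    reserve_usd: int                                   # the quote asset (e.g. a stablecoin)
    observations: list = field(default_factory=list)   # one spot price recorded per block

    def spot_price(self) -> Fraction:
        """USD per token straight from current reserves: what a naive oracle reads."""
        return Fraction(self.reserve_usd, self.reserve_token)

    def swap_usd_for_token(self, usd_in: int) -> int:
        """Fee-less constant-product swap; returns tokens out."""
        k = self.reserve_token * self.reserve_usd
        new_usd = self.reserve_usd + usd_in
        new_token = k // new_usd            # floor keeps k from decreasing
        token_out = self.reserve_token - new_token
        self.reserve_usd, self.reserve_token = new_usd, new_token
        return token_out

    def end_block(self) -> None:
        """Record the closing spot price of a block (the TWAP's input)."""
        self.observations.append(self.spot_price())

    def twap(self, window: int) -> Fraction:
        """Arithmetic mean of the last `window` recorded block prices."""
        recent = self.observations[-window:]
        if not recent:
            raise ValueError("no observations yet")
        return sum(recent, Fraction(0)) / len(recent)


def deviation_bps(candidate: Fraction, reference: Fraction) -> int:
    """|candidate - reference| / reference in basis points, floored to an int."""
    return int(abs(candidate - reference) * 10_000 / reference)


def run_scenario(manipulation_usd: int, window: int = 100, max_dev_bps: int = 500) -> dict:
    """Quiet history, then one large swap in a single block; compare the two reads."""
    pool = ConstantProductPool(reserve_token=1_000_000, reserve_usd=1_000_000)
    # Constructed history: window-1 quiet blocks at 1 USD per token.
    for _ in range(window - 1):
        pool.end_block()
    twap_before = pool.twap(window)
    # One swap sized like a flash loan, executed and read inside the same block.
    pool.swap_usd_for_token(manipulation_usd)
    spot_after = pool.spot_price()
    pool.end_block()
    twap_after = pool.twap(window)
    dev = deviation_bps(spot_after, twap_after)
    return {
        "twap_before": twap_before,
        "spot_after": spot_after,
        "twap_after": twap_after,
        "spot_vs_twap_bps": dev,
        # A consumer that rejects spot reads deviating more than max_dev_bps
        # from the TWAP refuses this read instead of pricing against it.
        "spot_accepted": dev <= max_dev_bps,
    }


if __name__ == "__main__":
    for key, value in run_scenario(1_000_000).items():
        print(f"{key}: {value}")
```

Doubling the USD reserve in one block pushes the spot price from 1 to 4, while a 100-block TWAP moves only to 1.03; the spot read sits more than 288x the 5% tolerance away and is rejected. A TWAP is not a complete answer (a manipulator willing to hold a skewed position across many blocks pays for it, but can still move it), so the check above pairs best with an external feed and with fee and transfer logic that does not depend on a single pool's instantaneous state.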
Griffin AI: On Sept 24, 2024, a compromised admin EOA allowed attackers to manipulate LayerZero’s peer configuration and mint ~5 billion $GAIN tokens, resulting in a ~$3.5M loss after the attacker dumped tokens across chains. By registering a malicious Ethereum OFT as a trusted peer, the attacker triggered cross-chain mints on BNB Chain, swapped the proceeds to stablecoins, and bridged out, ultimately converting to roughly 876 ETH and laundering much of it via Tornado Cash. GriffinAI paused markets and liquidity, migrated to a new audited token, and announced buybacks and other remediation steps.
Cross-Chain Swaps Arrive in the Uniswap v4 Handbook
Following the successful launch of the Uniswap v4 Development Handbook, we’ve added a brand-new section exploring cross-chain swap functionality using Chainlink’s CCIP.
This update walks developers through the process of building a Cross-Chain Swap Hook, showcasing how programmable liquidity in Uniswap v4 can seamlessly integrate with cross-chain messaging for secure, interoperable trading.
Readers will learn:
- How to leverage CCIP within a Uniswap v4 Hook for cross-chain swaps.
- Key considerations for security, gas efficiency, and trust minimization.
- Practical insights for building next-gen omnichain DeFi applications.
Explore the full handbook here: Uniswap v4 Development Handbook
Partnerships and Collaborations
Listed as an official audit partner for the new @areta_io marketplace on @0xPolygon, enabling builders to launch securely from day one. Your code, secured by Quill.
QuillAudits 📍 Token2049 🥷 (@QuillAudits_AI), 6:12 PM • Oct 3, 2025
Partnering with xFounders Bootcamp in Bali (Oct 6–Nov 2) to bring real-world Web3 security expertise to the next generation of founders, empowering builders to redefine what secure enough truly means.
QuillAudits 📍 Token2049 🥷 (@QuillAudits_AI), 1:3 PM • Oct 1, 2025
Partnered with @Syndika_co to fast-track secure Web3 innovation, offering builders priority audit access, transparent security insights, and education-driven support to help teams launch safely and confidently.
QuillAudits 📍 Token2049 🥷 (@QuillAudits_AI), 5:42 PM • Sep 17, 2025
Joined forces with @GainVentures and @BoostyLabs at the AI + Web3 Pitch Competition in Seoul to support startups building at the intersection of AI and blockchain, empowering innovators to scale securely and shape the future of decentralized intelligence.
QuillAudits 📍 Token2049 🥷 (@QuillAudits_AI), 9:23 PM • Sep 19, 2025
Wanna partner up w/ us or want to get your project audited?
Have a great day,
Team QuillAudits