We scanned 138 Sui validators across 20 countries using kernel-level temporal fingerprinting. 41% have SSH exposed, 57 run unexpected internet-facing services, and 9 confirmed CVEs sit on 4 hosts -- including 2 critical at CVSS 9.8. Here is what we found and why it matters for DeFi.
NullRabbit's September 2025 benchmark provides a consolidated security snapshot of all Sui validators. Scores ranged from 15 to 93, with a median of 45, and 18.5% meeting our good practice threshold. This dataset and heatmap give validators tools to improve, while offering delegators transparency when choosing staking providers.
Recent Ethereum validator slashings showed how fragile infra can be. Our scan of Sui uncovered something worse: nearly 40% of validator voting power exposed.
NullRabbit's August 2025 scan of the Sui validator set revealed nearly 40% of voting power exposed to SSH, CVEs, and misconfigurations - leaving the network one step away from consensus failure.