Introducing Substrate: An Open Format for Validator Threat Intelligence
Validator threat intelligence has no shared format. We're publishing a bundle spec, a ten-family taxonomy, and seeding a 1,092-bundle corpus to fix that.
NullRabbit scanned 5,715 validator hosts across Solana and Sui, running 10,139 scans and identifying 1,340 CVE findings across 155 hosts. Here's what the validator attack surface actually looks like.
Slashr tracks validator delinquency, jailing, slashing, and missed votes across Solana, Ethereum, Sui, and Cosmos in real time. Wallet checks, rankings, automated scanning, and reliability reports -- all from on-chain data.
Slashr now has a Model Context Protocol server. Any MCP-compatible AI tool -- Claude Code, Claude Desktop, or custom agents -- can query live validator incident data, scan results, and network summaries directly.
Validators go down constantly. Almost nobody is watching it happen in real time, across chains, in one place. So we built slashr.dev, a live incident feed tracking Solana, Ethereum, Sui, and Cosmos.
A first look at what DeFi validator infrastructure looks like at the kernel level. We crack open the consolidated dataset -- embedding galaxies, jitter fingerprints, RTT ridgelines, and 10,000 anomaly events across 642 silent hosts.
Every blockchain network has a physical fingerprint. We pointed our eBPF/XDP scanner at 1,075 hosts across multiple DeFi validator networks and mapped 3,001 timing fingerprints to reveal the structure underneath the consensus layer.
We scanned 138 Sui validators across 20 countries using kernel-level temporal fingerprinting. 41% have SSH exposed, 57 run unexpected internet-facing services, and 9 confirmed CVEs sit on 4 hosts -- including 2 critical at CVSS 9.8. Here is what we found and why it matters for DeFi.
Solana reportedly absorbed a sustained ~6 Tbps volumetric DDoS attack with no downtime. That's real progress. It's also not the same thing as being protected.
Validator nodes face constant exposure. This deep dive explains how NullRabbit Guard uses eBPF and XDP to enforce security directly inside the NIC driver, dropping scans and abnormal traffic at line rate before they reach the kernel or your node.
NullRabbit's September 2025 benchmark provides a consolidated security snapshot of all Sui validators. Scores ranged from 15 to 93, with a median of 45, and 18.5% meeting our good practice threshold. This dataset and heatmap give validators tools to improve, while offering delegators transparency when choosing staking providers.
Recent Ethereum validator slashings showed how fragile infra can be. Our scan of Sui uncovered something worse: nearly 40% of validator voting power exposed.
NullRabbit's August 2025 scan of the Sui validator set revealed nearly 40% of voting power exposed to SSH, CVEs, and misconfigurations - leaving the network one step away from consensus failure.