Newsletters and Research¶
Newsletters and Blogs¶
| Resource | Tier | Focus |
|---|---|---|
| New Week in Ethereum News | Must learn | Ethereum ecosystem changes. |
| Web3 Security Newsletter | Use in real audits | Web3 security news and resources. |
| BlockThreat | Use in real audits | Security incidents and research roundup. |
| Secureum Substack | Must learn | Learning material and security drills. |
| DigiBastion Threat Intel | Use in real audits | Free Web3, DeFi, supply-chain, OPSEC, and vulnerability feed with daily, weekly, or immediate email alerts. |
| Paradigm Research | Situational / advanced | Protocol, MEV, and cryptography research. |
| Flashbots Writings | Situational / advanced | MEV and block-building research. |
| Trail of Bits Blog | Must learn | Program analysis and security engineering. |
| OpenZeppelin Blog | Use in real audits | Smart contract and protocol security. |
| Zellic Blog | Use in real audits | Cross-chain and ZK security research. |
| OtterSec Blog | Use in real audits | Solana, Move, and low-level security. |
Reading Workflow¶
For every research article, record:
- the system model
- the bug class or defense
- what changed in your audit checklist
- whether the lesson applies broadly or only to one chain/protocol