Micheal Ogaga

Security Engineer · Application & Platform Security Vulnerability Researcher

Responsible for patching critical vulnerabilities across 50+ platforms from Apple's OS ecosystem to DeFi protocols securing hundreds of millions in user assets.

Remote (GMT+1)  ·  LinkedIn  ·  HackerOne  ·  Email

Critical Findings and Platforms I've Secured

All research conducted through authorized bug bounty programs and responsible disclosure. Findings verified, acknowledged, and patched by respective engineering teams.

Platform Severity Impact Status

01🍎 AppleOS / Platform Security🔴 Critical Patched in iOS 18.4, iPadOS 18.4, macOS Sequoia 15.4✅ Acknowledged

02👻 Phantom WalletCrypto Wallet Security🔴 Critical Authentication & authorization vulnerability✅

Patched03🌊 Flow BlockchainL1 Blockchain Protocol🔴 Critical Platform-level security flaw✅ Patched

04🦈 SaucerSwapDEX / DeFi Protocol🔴 Critical Smart contract / platform vulnerability✅ Patched

05🐰 RabbitX ExchangeDerivatives Exchange🔴 Critical Backend / trading system vulnerability✅ Patched

06🌿 OriginTrailWeb3 Data Protocol🔴 Critical Platform security vulnerability✅ Patched

07🎮 Ultra WalletGaming / NFT Wallet🔴 Critical OAuth 2.0 & authorization logic flaw✅ Patched

08🔷 Ripple ProtocolL1 Blockchain / XRP🔴 Critical Protocol-level security vulnerability✅ Patched

09💎 Ruby ProtocolPrivacy Protocol🔴 Critical Platform security vulnerability✅ Patched

10🔺 Rubic ExchangeCross-chain DEX🔴 Critical Platform / API security vulnerability✅ Patched

11🐿️ Squirrel WalletCrypto Wallet🔴 Critical Wallet security vulnerability✅ Patched

12🌊 HydraDEXDEX Protocol🔴 Critical Smart contract / platform vulnerability✅ Patched

13♾️ Infiniti FinanceDeFi Protocol🔴 Critical Platform security vulnerability✅ Patched

14🛡️ RailgunPrivacy DEX / Protocol🔴 Critical Platform / contract security vulnerability✅ Patched

15💰 ONRE FinanceDeFi Protocol🔴 Critical Platform security vulnerability✅ Patched

Apple security acknowledgment (public): support.apple.com/en-us/111900

What I Do

Application Security → OAuth 2.0 flaws, session token abuse, auth bypass, IDOR

Smart Contract Audits → Reentrancy, access control, integer overflow, fuzz testing

Mobile Security → OTA update abuse, OWASP Mobile Top 10, APK analysis

Web3 / DeFi Security → DEX pentesting, wallet security, WalletConnect, API exposure

Platform Hardening → Threat modeling, attack surface mapping, SAST/DAST workflows

Skills

Languages  ·  Go · Python · Java · Solidity · Rust

Security  ·  Penetration Testing · OWASP Top 10 · OWASP Mobile Top 10 · CVSS Scoring · Threat Modeling · Responsible Disclosure · SAST ·

DAST · Secure SDLC

Web3  ·  Smart Contract Auditing · Foundry · Hardhat · Slither · DeFi Security

Tools  ·  Burp Suite · ADB · HackerOne · Bugcrowd

Certifications

NIIT