An in-depth look at how 0x's Exchange contract was vulnerable
A second CTF from ConsenSys Diligence. The solution is a blast from the past.
A writeup for the ConsenSys CTF "Ethereum Sandbox"
I read a great blog post by @CapacitorSet and @denysvitali about discovering a RCE vulnerability in math.js and thought I'd give it a shot as well.