diff --git a/content/attacks/posts/claude_test.md b/content/attacks/posts/claude_test.md new file mode 100644 index 000000000..96291ab73 --- /dev/null +++ b/content/attacks/posts/claude_test.md 
@@ -0,0 +1,83 @@ +--- +date: 2023-09-12 +target-entities: CoinEx +tags: + - Lazarus Group + - North Korea +entity-types: + - Exchange + - Custodian +attack-types: + - Wallet Hack + - Social Engineering +title: "CoinEx Suffers $20 Million Security Breach Across Multiple Chains" +--- + +## Summary + +On September 12, 2023, CoinEx, a crypto trading platform operating on various chains, experienced a massive security breach due to a private key compromise. The attacker [exploited CoinEx's hot wallets and extracted approximately $20 million worth of assets](https://www.bleepingcomputer.com/news/security/hackers-steal-53-million-worth-of-cryptocurrency-from-coinex/) across 9 different chains. The stolen funds were transferred to the attacker's addresses and then laundered via distribution between multiple addresses and smart contracts. Lazarus Group is suspected to be behind the theft, as multiple sources have confirmed an onchain connection between Stake.com, Atomic Wallet, and the CoinEx hacks. + +## Attackers + +North Korean Lazarus Group is suspected to be behind the theft. 
The attackers used the following addresses to transfer the funds: + +- **Ethereum:** + - [0xCC1AE485b617c59a7c577C02cd07078a2bcCE454](https://etherscan.io/address/0xCC1AE485b617c59a7c577C02cd07078a2bcCE454) + - [0x8bf8cd7F001D0584F98F53a3d82eD0bA498cC3dE](https://etherscan.io/address/0x8bf8cd7F001D0584F98F53a3d82eD0bA498cC3dE) + - [0x483D88278Cbc0C9105c4807d558E06782AEFf584](https://etherscan.io/address/0x483D88278Cbc0C9105c4807d558E06782AEFf584) + +- **Binance Smart Chain:** + - [0x6953704e753C6FD70Eb6B083313089e4FC258A20](https://bscscan.com/address/0x6953704e753C6FD70Eb6B083313089e4FC258A20) + +- **Polygon:** + - [0x4515bE0067E60d8e49b2425D37e61c791C9B95e9](https://polygonscan.com/address/0x4515bE0067E60d8e49b2425D37e61c791C9B95e9) + +- **Tron:** + - [TPFUjxQzG88Vwynrpj2W61ZAkQ9W2QYgAQ](https://tronscan.org/#/address/TPFUjxQzG88Vwynrpj2W61ZAkQ9W2QYgAQ) + +- **Solana:** + - [G3udanrxk8stVe8Se2zXmJ3QwU8GSFJMn28mTfn8t1kq](https://explorer.solana.com/address/G3udanrxk8stVe8Se2zXmJ3QwU8GSFJMn28mTfn8t1kq) + +- **Bitcoin:** + - [1BHNb9UJy4cWFB5wywZkTVgoNB4JbFmswH](https://www.blockchain.com/btc/address/1BHNb9UJy4cWFB5wywZkTVgoNB4JbFmswH) + +- **Bitcoin Cash:** + - [qrgxyhj8rzl4l7fgauu6q6vtu2grct4jeyrnaq2s75](https://explorer.bitcoin.com/bch/address/qrgxyhj8rzl4l7fgauu6q6vtu2grct4jeyrnaq2s75) + +- **Ripple:** + - [rpQxVcjVF2fC23r3xKyJS53jw8d5SRhZQf](https://xrpscan.com/account/rpQxVcjVF2fC23r3xKyJS53jw8d5SRhZQf) + +- **XDAG:** + - [15VY3MadZvLpXhjzFXwCUmtZcHszju6L9](https://explorer.xdag.io/block/15VY3MadZvLpXhjzFXwCUmtZcHszju6L9) + +The following address was used to consolidate funds from both Stake.com and CoinEx hacks: + +- [0x75497999432b8701330fb68058bd21918c02ac59](https://polygonscan.com/address/0x75497999432b8701330fb68058bd21918c02ac59) + +## Losses + +CoinEx lost $52,847,077 in total across the following chains: + +- $18,324,848 in Ethereum +- $6,286,018 in Binance Smart Chain +- $288,072 in Polygon +- $11,119,353 in Tron +- $2,496,432 in Solana +- $6,082,389 
in Bitcoin +- $447,574 in Bitcoin Cash +- $6,113,201 in Ripple +- $1,689,190 in XDAG + +## Timeline + +- **September 12, 2023, 01:21 PM UTC:** Funds were [drained from CoinEx's Ethereum hot wallet](https://etherscan.io/tx/0x9e8d4d98d815a1725031f7f5f92de42f999045bef70eedc64baf6c15ca230eaa) for 408,741 DAI +- **September 12, 2023, 05:38 PM UTC:** CoinEx [has suspended services temporarily](https://twitter.com/coinexcom/status/1701651414991397176), and promises to compensate any losses. +- **September 15, 2023:** Elliptic Research, crypto security firm, [published a post](https://www.elliptic.co/blog/how-the-lazarus-group-is-stepping-up-crypto-hacks-and-changing-its-tactics), with the proof of onchain relation between CoinEx and Stake.com hacks: + > Elliptic analysis confirms that some of the funds stolen from CoinEx were sent to an address which was used by the Lazarus Group to launder funds stolen from Stake.com, albeit on a different blockchain. +- **September 20, 2023, 09:17 AM UTC:** CoinEx [announced the resumption of deposit and withdrawal services](https://announcement.coinex.com/hc/en-us/articles/19319131621908-CoinEx-Will-Resume-Deposit-and-Withdrawal-Services-of-BTC-ETH-USDT-USDC-etc-Estimated-on-Sep-21-2023) on Sep 21, 2023 at 8:00 UTC. + +## Security Failure Causes + +**Compromised Private Key:** The primary cause of the security breach was the compromise of the private key for CoinEx's hot wallets. This allowed the attacker to gain unauthorized access to the funds and perform malicious transactions. + +**Social Engineering:** The Lazarus Group’s attack methodology of choice is social engineering. The $540 million hack of Ronin Bridge, for example, was attributed to a fake LinkedIn job offer. diff --git a/content/attacks/posts/claude_test1.md b/content/attacks/posts/claude_test1.md new file mode 100644 index 000000000..a421b806e --- /dev/null +++ b/content/attacks/posts/claude_test1.md 
@@ -0,0 +1,83 @@ +--- +date: 2023-09-12 +target-entities: CoinEx +tags: + - Lazarus Group + - North Korea +entity-types: + - Exchange + - Custodian +attack-types: + - Wallet Hack + - Social Engineering +title: "CoinEx Suffers $20 Million Security Breach Across Multiple Chains" +--- + +## Summary + +On September 12, 2023, CoinEx, a crypto trading platform operating on various chains, experienced a massive security breach due to a private key compromise. The attacker exploited CoinEx's hot wallets and extracted approximately $20 million worth of assets across 9 different chains. The stolen funds were transferred to the attacker's addresses and then laundered via distribution between multiple addresses and smart contracts. Lazarus Group is suspected to be behind the theft, as multiple sources have confirmed an onchain connection between Stake.com, Atomic Wallet, and the CoinEx hacks. + +## Attackers + +North Korean Lazarus Group is suspected to be behind the theft. The attackers used the following addresses to transfer the funds: + +- **Ethereum:** + - [0xCC1AE485b617c59a7c577C02cd07078a2bcCE454](https://etherscan.io/address/0xCC1AE485b617c59a7c577C02cd07078a2bcCE454) + - [0x8bf8cd7F001D0584F98F53a3d82eD0bA498cC3dE](https://etherscan.io/address/0x8bf8cd7F001D0584F98F53a3d82eD0bA498cC3dE) + - [0x483D88278Cbc0C9105c4807d558E06782AEFf584](https://etherscan.io/address/0x483D88278Cbc0C9105c4807d558E06782AEFf584) + +- **Binance Smart Chain:** + - [0x6953704e753C6FD70Eb6B083313089e4FC258A20](https://bscscan.com/address/0x6953704e753C6FD70Eb6B083313089e4FC258A20) + +- **Polygon:** + - [0x4515bE0067E60d8e49b2425D37e61c791C9B95e9](https://polygonscan.com/address/0x4515bE0067E60d8e49b2425D37e61c791C9B95e9) + +- **Tron:** + - [TPFUjxQzG88Vwynrpj2W61ZAkQ9W2QYgAQ](https://tronscan.org/#/address/TPFUjxQzG88Vwynrpj2W61ZAkQ9W2QYgAQ) + +- **Solana:** + - [G3udanrxk8stVe8Se2zXmJ3QwU8GSFJMn28mTfn8t1kq](https://explorer.solana.com/address/G3udanrxk8stVe8Se2zXmJ3QwU8GSFJMn28mTfn8t1kq) + +- 
**Bitcoin:** + - [1BHNb9UJy4cWFB5wywZkTVgoNB4JbFmswH](https://www.blockchain.com/btc/address/1BHNb9UJy4cWFB5wywZkTVgoNB4JbFmswH) + +- **Bitcoin Cash:** + - [qrgxyhj8rzl4l7fgauu6q6vtu2grct4jeyrnaq2s75](https://explorer.bitcoin.com/bch/address/qrgxyhj8rzl4l7fgauu6q6vtu2grct4jeyrnaq2s75) + +- **Ripple:** + - [rpQxVcjVF2fC23r3xKyJS53jw8d5SRhZQf](https://xrpscan.com/account/rpQxVcjVF2fC23r3xKyJS53jw8d5SRhZQf) + +- **XDAG:** + - [15VY3MadZvLpXhjzFXwCUmtZcHszju6L9](https://explorer.xdag.io/block/15VY3MadZvLpXhjzFXwCUmtZcHszju6L9) + +The following address was used to consolidate funds from both Stake.com and CoinEx hacks: + +- [0x75497999432b8701330fb68058bd21918c02ac59](https://polygonscan.com/address/0x75497999432b8701330fb68058bd21918c02ac59) + +## Losses + +CoinEx lost $52,847,077 in total across the following chains: + +- $18,324,848 in Ethereum +- $6,286,018 in Binance Smart Chain +- $288,072 in Polygon +- $11,119,353 in Tron +- $2,496,432 in Solana +- $6,082,389 in Bitcoin +- $447,574 in Bitcoin Cash +- $6,113,201 in Ripple +- $1,689,190 in XDAG + +## Timeline + +- **September 12, 2023, 01:21 PM UTC:** Funds were [drained from CoinEx's Ethereum hot wallet](https://etherscan.io/tx/0x9e8d4d98d815a1725031f7f5f92de42f999045bef70eedc64baf6c15ca230eaa) for 408,741 DAI +- **September 12, 2023, 05:38 PM UTC:** CoinEx [has suspended services temporarily](https://twitter.com/coinexcom/status/1701651414991397176), and promises to compensate any losses. +- **September 15, 2023:** Elliptic Research, crypto security firm, [published a post](https://www.elliptic.co/blog/how-the-lazarus-group-is-stepping-up-crypto-hacks-and-changing-its-tactics), with the proof of onchain relation between CoinEx and Stake.com hacks: + > Elliptic analysis confirms that some of the funds stolen from CoinEx were sent to an address which was used by the Lazarus Group to launder funds stolen from Stake.com, albeit on a different blockchain. 
+- **September 20, 2023, 09:17 AM UTC:** CoinEx [announced the resumption of deposit and withdrawal services](https://announcement.coinex.com/hc/en-us/articles/19319131621908-CoinEx-Will-Resume-Deposit-and-Withdrawal-Services-of-BTC-ETH-USDT-USDC-etc-Estimated-on-Sep-21-2023) on Sep 21, 2023 at 8:00 UTC. + +## Security Failure Causes + +**Compromised Private Key:** The primary cause of the security breach was the compromise of the private key for CoinEx's hot wallets. This allowed the attacker to gain unauthorized access to the funds and perform malicious transactions. + +**Social Engineering:** The Lazarus Group’s attack methodology of choice is social engineering. The $540 million hack of Ronin Bridge, for example, was attributed to a fake LinkedIn job offer. diff --git a/content/attacks/posts/test_fact_check.md b/content/attacks/posts/test_fact_check.md new file mode 100644 index 000000000..8e842f219 --- /dev/null +++ b/content/attacks/posts/test_fact_check.md 
@@ -0,0 +1,34 @@ +--- +date: 2022-01-28 +target-entities: Qubit Finance +entity-types: + - DeFi + - Lending Platform +attack-types: Smart Contract Exploit +title: "Hackers Breach Qubit Finance Platform, Stealing $30 Million" +loss: 30000000 +--- + +## Summary + +On January 28, 2022, Qubit Finance, a project built on the BNB Chain (formerly known as Binance Smart Chain), announced a breach of its QBridge credit protocol on their Twitter page. The platform was hacked due to a specific vulnerability in the bridge. Hackers were able to mint an unlimited amount of xETH as collateral for loans on the Binance Smart Chain network. The platform's native token, QBT, plummeted by 26% overnight. CertiK Security reported that the attacker called the deposit function in the QBridge contract, but did not deposit funds. Ethereum QBridge recorded the deposit event and released $qXETH to the hacker on the BSC blockchain. The hacker repeated the procedure several times, increasing production to nearly $30 million. + +## Attackers + +The perpetrators remain unidentified. The Qubit Finance team posted a tweet with the address used in the attack: 0xd01ae1a708614948b2b5e0b7ab5be6afa01325c7. + +## Losses + +An unlimited amount of xETH was released and employed as loan collateral on the Binance Smart Chain. This exploit led to the misappropriation of cryptocurrencies amounting to roughly $30 million. + +## Timeline + +- **January 28, 2022 6:19 AM:** PeckShield, a blockchain security and smart contract audit company, confirmed the exploit. +- **January 28, 2022 8:14 AM:** Project representatives confirmed the hacking incident and stated that they were tracking the stolen funds. +- **January 28, 2022 9:30 AM:** The project team reported that they had contacted the perpetrators and offered a "maximum reward", which is 250,000$. 
+ +## Security Failure Causes + +**Smart contract vilnerability:** The Qubit hack was made possible by the fact that a legacy function (deposit) remained in the contract after it was replaced by a newer function (depositETH). Their overlapping functionality and vulnerabilities that allowed fake deposits made this hack possible. + +**Lack of code review:** The existence of legacy code in the contract indicates issues with code review and change management. Similarly, the vulnerabilities that allowed the fake deposit could have been detected during a smart contract audit.
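Review bot: in the first hunk (content/attacks/posts/claude_test.md) the front matter title and the Summary both put the loss at "$20 Million", while the Losses section totals $52,847,077 and the linked BleepingComputer slug reads "hackers-steal-53-million-worth-of-cryptocurrency-from-coinex"; reconcile the headline figure with the per-chain totals (or state explicitly that $20M was the initial estimate and $52.8M the final count). The file also lacks the `loss:` front-matter field that the third hunk uses (`loss: 30000000`), so the entry will not sort or aggregate with the rest of the collection; add `loss: 52847077`. Finally, the "Social Engineering" entry under Security Failure Causes (and the matching `attack-types` tag) is supported only by the Ronin Bridge LinkedIn example, not by anything stated about the CoinEx compromise itself; either cite evidence for the CoinEx initial access vector or reword it as the group's typical approach rather than a confirmed cause.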
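Review bot: the second hunk (content/attacks/posts/claude_test1.md) is a byte-for-byte duplicate of claude_test.md except that the BleepingComputer link on the "$20 million worth of assets" sentence has been dropped, so the patch adds the same incident twice and the two copies will drift. Keep one file, with the source link, and delete the other. Both filenames (`claude_test.md`, `claude_test1.md`) read as scratch names rather than a content slug; the other posts under content/attacks/posts/ should dictate the naming convention, something like a dated or entity-based slug for the CoinEx incident. The same $20M-versus-$52,847,077 inconsistency and missing `loss:` field noted for the first hunk apply here as well.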
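Review bot: in the third hunk (content/attacks/posts/test_fact_check.md) the Security Failure Causes heading has a typo, "Smart contract vilnerability" should read "Smart contract vulnerability", and the Timeline entry's "250,000$" should be "$250,000" to match the currency formatting used elsewhere in the file. The `attack-types: Smart Contract Exploit` front-matter value is a bare scalar while the other two files use a YAML list (`attack-types:\n  - Wallet Hack`); use the list form so the taxonomy templates treat it consistently. The Timeline times ("6:19 AM", "8:14 AM", "9:30 AM") carry no timezone, unlike the "PM UTC" stamps in the CoinEx posts; add one. In the Summary, "released $qXETH to the hacker" uses a `$`-prefixed ticker while the rest of the text says "xETH"; pick one token name, and "increasing production to nearly $30 million" would be clearer as "repeating the fake deposit until roughly $30 million in collateral had been minted". The filename `test_fact_check.md` also looks like a placeholder and should be renamed to a Qubit Finance slug before merge.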