Search
Connect Kit Exploit Sparks Criticism of Ledger’s Security Framework
15.12.2023
On Dec. 14, 2023, Ledger’s Connect Kit, a Javascript library for wallet connectivity, suffered a significant exploit. This incident, which was contained within two hours, has brought forth a number of criticisms of Ledger’s security practices. Ledger Exploit Elicits Mixed Reactions From...
Ledger Connect Kit Breach: Hacker Siphons $484K, Company Rolls Out Version 1.1.8
14.12.2023
The unknown attacker that compromised Ledger’s Connectkit Library has reportedly siphoned $484,000 from wallets, according to the onchain intelligence firm Lookonchain. Ledger disclosed a former employee fell victim to a phishing attack and the attacker gained access to the Ledger Connectkit...
Ledger Library Exploit Alert: Users Warned Against Interacting With Dapp Front Ends Amid Wallet Drainer Risk
14.12.2023
According to several reports, there’s been an alleged Ledger Connectkit Library exploit and people are being warned not to interact with decentralized application (dapp) front ends. Reportedly, the library that maintained several dapps now contains a wallet drainer. Ledger Library Breach: Experts...
Bitcoin Developer Luke Dashjr Registers Ordinal Inscriptions Workaround as a Vulnerability
13.12.2023
Luke Dashjr, Bitcoin developer and CTO of Mummalin, has registered a method that allows Ordinal inscriptions to be saved on the Bitcoin blockchain as a code vulnerability. The vulnerability, CVE-2023-50428, states that “datacarrier size limits can be bypassed by obfuscating data...
Thirdweb Begins Mitigation of Vulnerability Affecting Thousands of Smart Contracts
8.12.2023
Thirdweb, a Web3 development framework provider, has announced that it has started mitigating a vulnerability that could potentially affect thousands of smart contracts across several networks. The vulnerability, uncovered in November, impacts various pre-built smart contracts that the framework...
Bitcoin Developer Luke Dashjr States Inscriptions Are Exploits, Hints at Future Fix
7.12.2023
Luke Dashjr, bitcoin developer and Mummolin’s CTO, has reiterated his negative opinion about Ordinal inscriptions, stating these leverage and exploit a vulnerability in the Bitcoin Core full node software implementation. Dashjr also hinted at correcting this “exploit” in...
Developer Says Ordinals Are Exploiting a “Vulnerability” to Spam Bitcoin Network, Proposes Bug Fix
6.12.2023
Image Source: Pixabay Bitcoin Core developer Luke Dashjr has proposed a bug fix to potentially alleviate the network congestion caused by new Ordinals and BRC-20 tokens. In a recent post on X (formerly Twitter), Dashjr claimed that these tokens are taking advantage of a vulnerability within...
Web3 Firm Thirdweb Finds Major Vulnerability In Smart Contracts
5.12.2023
Source: Pixabay Web3 developer Thirdweb has disclosed a security vulnerability that has the potential to affect a range of smart contracts within the Web3 ecosystem. In an X post on Monday, the firm notified its followers that it had found a vulnerability in a commonly used open-source library that...
Vulnerability Disclosure Prompts InfStones to Rotate Validator Keys
23.11.2023
Source: Pixabay InfStones, a crucial node operator affiliated with Lido Finance, is poised to temporarily remove its Ethereum validators from the liquid staking protocol. In response to a substantial vulnerability uncovered by security researchers at dWallet Labs, the operator plans to execute...
Hackers Exploit Apache ActiveMQ Flaw To Mine Crypto
22.11.2023
Source: Pixabay Hackers are currently targeting a critical Apache ActiveMQ vulnerability to download and infect Linux machines with the Kinsing malware and crypto miner. In a blog post published on November 20, Trend Micro researchers reported that the exploitation of the CVE-2023-46604...
Security Firm dWallet Labs Uncovers Vulnerability with $1 Billion of Crypto At Risk
21.11.2023
Source: Pixabay Blockchain security firm dWallet Labs recently unveiled a vulnerability that it asserts has the potential to impact approximately $1 billion worth of crypto. The security firm published a Medium blog post on Tuesday saying that it had discovered a potential vulnerability...
Fantom Awards $1.7 Million to Security Researcher for Spotting A Massive Vulnerability
21.11.2023
Source: Adobe Stock / sunilpurushe The Fantom Foundation has awarded a $1.7 million bounty to a blockchain security researcher who identified a potential breach that could result in $170 million losses. The non-profit organization that partakes in the blockchain’s development says it has eliminated...
Security firm dWallet Labs flags validator vulnerability that could affect $1B in crypto
21.11.2023
Validator service provider InfStones disagreed and told Cointelegraph that “nothing close to $1 billion in assets would be at risk,” even in the worst-case scenario
A Major Vulnerability Found in Early Crypto Wallet Software Risks Billions in Assets
17.11.2023
A critical vulnerability in early cryptocurrency wallets, identified by cybersecurity startup Unciphered, threatens billions of dollars in digital assets. Originating from a flaw in the BitcoinJS software used for wallet generation between 2011 and 2015, this issue exposes wallets to potential...
Solana hoses down ‘inaccurate’ CertiK report on Saga phone security flaws
16.11.2023
CertiK claims Solana’s Saga smartphone contains a critical “bootloader vulnerability” — Solana Labs says the claims are entirely inaccurate
White Hat Hackers Awarded $300K After Uncovering Critical Chainlink VRF Vulnerability
15.11.2023
White hat hackers earn $300K Chainlink bounty for responsibly disclosing critical VRF vulnerability. Image by ZayNyi, Adobe Stock. Decentralized oracle network Chainlink recently awarded white hat hackers Zach Obront and Or Cyngiser of Trust $300,000 for uncovering a critical vulnerability in...
Cybersecurity team claims up to $2.1B in crypto stored in old wallets are at risk
15.11.2023
The security firm urges those using wallets generated from 2011 to 2015 to transfer their assets to crypto wallets that were generated more recently
DeFi vulnerability leading to $6.7M exploit 'not detected' by auditors
13.11.2023
The project was previously audited by Trail of Bits and Hats Finance
Fireblocks, UniPass wallet tackle Ethereum ERC-4337 account abstraction vulnerability
27.10.2023
Fireblocks assists smart contract wallet UniPass to address ERC-4337 account abstraction vulnerability
Lightning Network Developer States Disclosed Vulnerability Is Not an ‘Intentional Backdoor,’ Calls for Responsible Journalism
25.10.2023
Antoine Riard, a security researcher and developer who exposed a vulnerability in the Lightning Network, Bitcoin’s scaling layer, has clarified this vulnerability is not an “intentional backdoor,” addressing statements made on social media. Riard stressed the problem had been...