News list for "Vulnerability"
After an unexpected vulnerability was discovered in an audited smart contract, Virtuals Protocol released a timely fix and restarted its bug bounty program. On December 3, 2024, a security researcher under the pseudonym Jinu contacted Virtuals Protocol after discovering a vulnerability in one of its audited contracts. However, after reporting the issue, Jinu learned that the company had not activated the bug bounty program, meaning the discovery was not eligible for the bounty. Virtuals Protocol...
The final months of 2024 saw losses from cryptocurrency scams, vulnerabilities, and hacks gradually decrease, with December being the month with the fewest hacks of the year. Blockchain security firm CertiK said in a Dec. 31 X post that known losses due to bugs, hacks, and scams were $28.60 million in December, compared to $63.80 million in November and $115.80 million in October. According to the company, the vulnerability caused most of the damage, with attackers stealing $26.70 million in Dec...
DeFi Protocol Compound is launching a $1 million bug bounty program on Immunefi. Rewards will range from $1,000 to a maximum of $1 million depending on the severity of the discovery.
Web 3 bug bounty platform Immunefi has suspended white hat security company Trust Security for 90 days after accusing it of unjustly refusing to pay a bug bounty after discovering a serious vulnerability that could have led to the theft of funds. On November 12, Trust Security revealed on X that its bounty team had discovered a critical funds theft vulnerability on the forked mainnet of an unnamed project. The proof-of-concept for the vulnerability has been updated with Immunefi.
According to Lookonchain monitoring, the address of fwDETH worth $36 million lost due to phishing attacks is suspected to be related to Continue Capital.
According to PeckShield monitoring, the address marked "WazirX exploit" on the chain has consolidated 4,250 ETH (worth about $11 million) into the new address 0xa6e8... 120e.
PeckShield monitors that the address marked as a WazirX exploit has moved the 11th batch of 5000 ETH (worth about $13.20 million) to the new intermediate address 0x0641... 7b4a.
According to PeckShield monitoring, the WazirX exploit address has transferred 5000 ETH (worth about $11.70 million) to the new address 0x7d25... d30b. It may continue to be transferred to Tornado Cash for cleaning.
According to PeckShield, the address of the WazirX exploit has been laundered through Tornado Cash in another batch of 2,700 stolen ETH (worth approximately $6.25 million).
According to PeckShield monitoring, the address of the WazirX exploit has transferred 5000 ETH (worth about $11.50 million) to the new address 0x9309... 34c2.
According to PeckShield, the WazirX exploit address has been laundered through Tornado Cash for an additional 400 ETH (worth approximately $937,000).
Ronin said in a post that the cross-chain bridge is ready to reopen after a comprehensive audit after experiencing security bugs. At present, the reopening proposal of the cross-chain bridge has been submitted to the operator for voting, and it is expected that the service will be restored within 10 days, and no updates are planned for the time being.
Vulnerability management company Nucleus Security has announced the completion of a new round of financing, with the participation of Dcode Capital, backed by JPMorgan Asset Management. The specific amount and valuation have not been disclosed. Nucleus Security provides unified vulnerability management services for organizations that require decentralized cyber security tools and federations. It supports a comprehensive overview of vulnerabilities and simplifies the analysis, classification and ...
According to SlowMist, the Ronin Bridge was attacked because the weights were modified to unexpected values, allowing funds to be withdrawn without any multi-signature threshold checks. Previously, Ronin Bridge was attacked, involving funds of $9.33 million. Ronin Bridge was subsequently deactivated and the team is investigating reports of potential MEV vulnerabilities.
Terra Blockchain has reported a security bugs on its network. The unknown attacker exploited a known vulnerability related to the third-party module IBC hooks, which is used for cross-chain contract invocation and token transfer. The attackers exploited this vulnerability to steal funds from bridge assets, including USDC and Astroport tokens. Preliminary estimates suggest that around $3 million worth of tokens could be affected. After discovering the incident, Terra implemented emergency measure...
7x24 Newsflash
Hot News
