vulnerability

According to reports, team members of Raydium, a decentralized exchange based on Solana, proposed to create a vulnerability reward plan worth 10 million RAY tokens (approximately $

According to reports, according to the Beosin EagleEye security risk monitoring, early warning, and blocking platform monitoring under the blockchain security audit company Beosin,

On March 28th, the decentralized cross chain trading protocol THORChain issued a statement stating that a dependency of THORChain is suspected to have a potential vulnerability or

On March 27th, according to Scam Sniffer\’s monitoring, there was a vulnerability in the early contract Bscex SwapX of LaunchZone, and currently $7799856 in funds has been stolen. U

On March 15th, Arcade.xyz, the decentralized NFT lending market, tweeted that after a security alert from BlockSec, a vulnerability involving the approval of remaining tokens was found in the old contract, which is currently not being used in the agreement. The team has contacted 10 affected users and recommended that they revoke their permissions. Interpretation of this information: The message from Arcade.xyz on March 15th highlights a security issue involving the old contract of their decentralized NFT lending market. The vulnerability pertains to the approval of remaining tokens and was…

On March 12, the security company Imperva revealed a vulnerability in OpenSea, which allows users to de-anymize the identity of NFT traders on the platform. This vulnerability is caused by the wrong configuration of iFrame-resizer library used by OpenSea. The wrong configuration results in a cross-site search vulnerability, which hackers can use to obtain user identities. At present, OpenSea has solved this problem, but it is uncertain whether there is any user information leakage. Interpretation of this information: In March 2021, a security company, Imperva, released a statement revealing a…

On March 11, Hedera Status tweeted that the main network had been upgraded to fix the vulnerability and was now running normally. Interpretation of this information: Hedera Status, the official Twitter account of the Hedera Hashgraph platform, announced on March 11 that the platform’s main network had undergone an upgrade to address a vulnerability. According to the tweet, the network was now back to its normal functioning state. Hedera Hashgraph is a distributed ledger platform that uses a unique algorithm to achieve consensus among its nodes in a fast and…

On March 10, the DeFi project SaucerSwap on Hedera tweeted that a persistent vulnerability had attacked the Hedera network. The target of the vulnerability was the decompilation process in the smart contract. An attacker has attacked the Pangolin and HeliSwap pools containing wrapped assets. It is uncertain whether other HTS tokens are also risky. There is no report about the theft of SaucerSwap users’ funds at present, but as a preventive measure, we encourage everyone to withdraw their working capital immediately. Interpretation of this information: On March 10, SaucerSwap on…

On March 10, Hedera disclosed the details of the attack. The attacker attacked the smart contract service code of Hedera’s main network and transferred the Hedera Token service token held by some user accounts to his own account. The target of the attacker is to use accounts as liquidity pools on multiple DEXs, which are migrated to use Hedera Token Service using contracts derived from Uniswap V2, including Pangolin Hedera, SaucerSwap and HeliSwap. Interpretation of this information: On March 10, it was revealed that Hedera had suffered an attack on…

It is reported that Dfns, a startup of encrypted wallets, said that there are serious vulnerabilities in the passwordless login method Magic Links used by more and more encrypted wallets and network applications. Dfns said in a statement that the vulnerability could “pose a considerable risk to a large part of the global economy. The affected services said that they had hardly received any notice before Dfns published a blog article detailing the so-called zero-day vulnerability. Interpretation of this information: The startup company Dfns has recently announced that there are…

According to reports, Imunefi, a smart contract vulnerability reward platform, said on social media that dynamic. fi’s pledge contract was hacked by 73.8 BNB, with a value of about $22634, due to incorrect accounting treatment of the deposit function. Interpretation of this information: The Imunefi platform, which specializes in providing vulnerability rewards for smart contracts, has reported that the pledge contract of the dynamic.fi project has been hacked. The attacker was able to take 73.8 BNB, which is a Binance Coin, with a value of approximately $22,634 USD. This incident…