News list for "Vulnerability"
Princeton University researchers have found crypto AI agents like ElizaOS are vulnerable to memory-based manipulation hacks.
After an unexpected vulnerability was discovered in an audited smart contract, Virtuals Protocol released a timely fix and restarted its bug bounty program. On December 3, 2024, a security researcher under the pseudonym Jinu contacted Virtuals Protocol after discovering a vulnerability in one of its audited contracts. However, after reporting the issue, Jinu learned that the company had not activated the bug bounty program, meaning the discovery was not eligible for the bounty. Virtuals Protocol...
The final months of 2024 saw losses from cryptocurrency scams, vulnerabilities, and hacks gradually decrease, with December being the month with the fewest hacks of the year. Blockchain security firm CertiK said in a Dec. 31 X post that known losses due to bugs, hacks, and scams were $28.60 million in December, compared to $63.80 million in November and $115.80 million in October. According to the company, the vulnerability caused most of the damage, with attackers stealing $26.70 million in Dec...
DeFi Protocol Compound is launching a $1 million bug bounty program on Immunefi. Rewards will range from $1,000 to a maximum of $1 million depending on the severity of the discovery.
Web 3 bug bounty platform Immunefi has suspended white hat security company Trust Security for 90 days after accusing it of unjustly refusing to pay a bug bounty after discovering a serious vulnerability that could have led to the theft of funds. On November 12, Trust Security revealed on X that its bounty team had discovered a critical funds theft vulnerability on the forked mainnet of an unnamed project. The proof-of-concept for the vulnerability has been updated with Immunefi.
According to Lookonchain monitoring, the address of fwDETH worth $36 million lost due to phishing attacks is suspected to be related to Continue Capital.
According to PeckShield monitoring, the address marked "WazirX exploit" on the chain has consolidated 4,250 ETH (worth about $11 million) into the new address 0xa6e8... 120e.
PeckShield monitors that the address marked as a WazirX exploit has moved the 11th batch of 5000 ETH (worth about $13.20 million) to the new intermediate address 0x0641... 7b4a.
According to PeckShield monitoring, the WazirX exploit address has transferred 5000 ETH (worth about $11.70 million) to the new address 0x7d25... d30b. It may continue to be transferred to Tornado Cash for cleaning.
According to PeckShield, the address of the WazirX exploit has been laundered through Tornado Cash in another batch of 2,700 stolen ETH (worth approximately $6.25 million).
