VULNERABILITIES News - Blockchain.News

CRYPTOCURRENCY

Github: Understanding Unsafe Deserialization Vulnerabilities in Ruby Projects
cryptocurrency

Github: Understanding Unsafe Deserialization Vulnerabilities in Ruby Projects

Learn how unsafe deserialization vulnerabilities can allow attackers to execute commands on Ruby projects and how to detect and prevent them.

How Jailbreak Attacks Compromise ChatGPT and AI Models' Security
cryptocurrency

How Jailbreak Attacks Compromise ChatGPT and AI Models' Security

Recent studies reveal the vulnerabilities of large language models like GPT-4 to jailbreak attacks. Innovative defense strategies, such as self-reminders, are being developed to mitigate these risks, underscoring the need for enhanced AI security and ethical considerations.

CertiK Outlines Mobile Blockchain Security Threats and Countermeasures
cryptocurrency

CertiK Outlines Mobile Blockchain Security Threats and Countermeasures

CertiK discussed security challenges of blockchain technologies on mobile platforms, including malware, insecure wallet apps, and network vulnerabilities, and provided countermeasures like reputable security solutions and regular updates.

Solana Foundation Offers $400k Bounty for Critical Code Discovery
cryptocurrency

Solana Foundation Offers $400k Bounty for Critical Code Discovery

Jacob Creech announces a $400k bounty for discovering code that can halt Solana network, part of Solana Foundation's endeavor to ensure robust network security.

Web3 Security Losses Skyrocket to $889.26M in Q3 2023, Says Beosin Report
cryptocurrency

Web3 Security Losses Skyrocket to $889.26M in Q3 2023, Says Beosin Report

The Q3 2023 Global Web3 Security Report, jointly initiated by Beosin and SUSS NiFT, reveals a concerning escalation in the Web3 security landscape. The report shows that losses from hacks, phishing scams, and rug pulls reached $889.26M in Q3 2023, exceeding the combined losses of the first two quarters. The report also highlights the increasing threat posed by North Korea's Lazarus group.

CFTC Receives DeFi Crash Course
cryptocurrency

CFTC Receives DeFi Crash Course

Crypto executives provided a DeFi crash course to the CFTC during their first Technology Advisory Committee meeting. Topics included blockchain technology, decentralization, digital identity, and exploits and vulnerabilities.

ZenGo uncovers dApp vulnerability
cryptocurrency

ZenGo uncovers dApp vulnerability

ZenGo has discovered a security vulnerability called the "red pill attack" in decentralized applications or dApps. The vulnerability allowed malicious dApps to steal user assets using opaque transaction approvals. Many leading vendors, including Coinbase Wallet, were vulnerable to such attacks. ZenGo found that developers took a shortcut in setting "Special Variables" to arbitrary values during simulation, leaving the simulation vulnerable to attack. ZenGo said the fix was straightforward and urged developers to populate vulnerable variables with meaningful values.

Cybersecurity Firm Halborn Warns of Zero-Day Vulnerabilities in Over 280 Blockchain Networks
cryptocurrency

Cybersecurity Firm Halborn Warns of Zero-Day Vulnerabilities in Over 280 Blockchain Networks

Cybersecurity firm Halborn has warned of a vulnerability called "Rab13s" that could put over 280 blockchain networks at risk of zero-day exploits, potentially exposing at least $25 billion worth of crypto. The most critical vulnerability could allow an attacker to send malicious consensus messages to individual nodes, causing each to shut down and potentially enabling a 51% attack on the network. While Dogecoin, Zcash, and Litecoin have already implemented patches for the discovered vulnerabilities, hundreds of other networks remain at risk.

Trending topics