CRYPTOCURRENCY
Critical RCE Vulnerabilities Discovered in Kafka UI
Researchers identified three critical remote code execution (RCE) vulnerabilities in Kafka UI. Users are advised to upgrade to version 0.7.2 to mitigate risks.
Unraveling ChatGPT Jailbreaks: A Deep Dive into Tactics and Their Far-Reaching Impacts
Exploring the intricacies of ChatGPT jailbreak strategies, this paper delves into the emerging vulnerabilities and the advanced methodologies developed to evaluate their effectiveness.
Deceptive AI: The Hidden Dangers of LLM Backdoors
Recent studies reveal that large language models can deceive, challenging AI safety training methods. They can hide dangerous behaviors and create a false impression of safety, which necessitates the development of robust protocols.
Critical Security Vulnerability in OKX iOS App: CertiK's Urgent Update Advisory
CertiK issued a high-priority alert for OKX iOS app users, urging an immediate update due to a discovered critical RCE vulnerability that poses a serious threat to data and asset security.
Bitcoin Core Vulnerability Exposes Risks in Datacarrier Limits: NVD Flags Security Concerns
NVD has discovered a critical vulnerability (CVE-2023-50428) in Bitcoin Core, which allows datacarrier limit bypass and poses significant network risks, notably exploited by Ordinals.
SlowMist Reports Surge in Diverse Crypto Security Incidents for the Week of September 17-23, 2023
SlowMist, a cybersecurity firm specializing in blockchain, released its weekly security report for the week of September 17-23, 2023. The report highlights a total of seven security incidents with an estimated loss of around $380,600. The week saw a significant rise in phishing attacks and rug pull tactics, as well as the emergence of diverse attack methods like DNS hijacking and contract vulnerabilities.
Trust Wallet Discloses Security Flaw Resulting in $170k Loss
Crypto wallet Trust Wallet has reported a security vulnerability, resulting in almost $170k in losses for some users. The vulnerability has been fixed after Trust Wallet found out about it through its bug bounty program.
Kyber Network Advises Removal of Funds Amid Potential Vulnerability
Kyber Network has advised liquidity providers to remove their funds due to a potential vulnerability in the Kyberswap Elastic decentralized crypto exchange. No funds have been lost, and farming rewards have been temporarily suspended until a new smart contract can be deployed.
OpenAI Launches Bug Bounty Program
OpenAI has launched a bug bounty program to address privacy and cybersecurity issues, inviting security researchers and ethical hackers to identify and address vulnerabilities in its systems. The program offers cash rewards ranging from $200 to $20,000 for qualifying vulnerability information.
Rogue Validator Outsmarts MEV Bots, Resulting in a $25 Million Loss
MEV bots attempting sandwich trades lost $25 million worth of digital assets to a rogue validator. The loss included Wrapped Bitcoin, USD Coin, Tether, Dai, and Wrapped Ether. Blockchain security firm CertiK explained that the attack was due to the centralization of power with validators, making them vulnerable to such attacks.