A critical logic flaw in the XRP Ledger's batch amendment feature was discovered and prevented, which could have allowed unauthorized fund transfers and account deletions. The vulnerability has been narrowly averted, protecting user wallets from potential exploitation.
A DeFi exploiter successfully manipulated oracle pricing on Ploutos Money lending protocol, using BTC/USD price data for USDC tokens. This oracle manipulation allowed the attacker to borrow $400,000 worth of ETH using only $8 of collateral, highlighting critical vulnerabilities in DeFi lending protocol oracle systems.
A Chromium vulnerability affects all versions of Mist Browser Beta v0.9.3 and below, prompting a security alert advising users to avoid browsing untrusted websites. The Ethereum Wallet desktop app remains unaffected by this security issue.
cpp-ethereum versions 1.2.0 to 1.2.6 have a critical account unlocking security vulnerability that remains unfixed. Popular Ethereum clients like geth, Mist, and Ethereum Wallet are not affected by this issue and properly lock accounts.
A critical security vulnerability in cpp-ethereum versions 1.2.0 to 1.2.5 keeps user accounts unlocked, potentially allowing unauthorized access to funds. The issue has been fixed in version 1.2.6, while other Ethereum clients like geth and Mist are not affected.
A critical security vulnerability was discovered in Go and Python Ethereum clients (geth) that causes crashes when processing blocks with specific transaction combinations. The bug creates state transition and consensus issues that could lead to network-wide DoS attacks if exploited, but has been fixed and requires immediate client updates.
