y0news
AnalyticsDigestsSourcesTopicsRSSAICrypto

#vulnerability News & Analysis

122 articles tagged with #vulnerability. AI-curated summaries with sentiment analysis and key takeaways from 50+ sources.

122 articles
AIBearisharXiv – CS AI · Mar 176/10
🧠

On the Adversarial Transferability of Generalized "Skip Connections"

Researchers discovered that skip connections in deep neural networks make adversarial attacks more transferable across different AI models. They developed the Skip Gradient Method (SGM) which exploits this vulnerability in ResNets, Vision Transformers, and even Large Language Models to create more effective adversarial examples.

AIBearisharXiv – CS AI · Mar 166/10
🧠

Prompt Injection as Role Confusion

Researchers have identified 'role confusion' as the fundamental mechanism behind prompt injection attacks on language models, where models assign authority based on how text is written rather than its source. The study achieved 60-61% attack success rates across multiple models and found that internal role confusion strongly predicts attack success before generation begins.

AIBearisharXiv – CS AI · Mar 37/108
🧠

MIDAS: Multi-Image Dispersion and Semantic Reconstruction for Jailbreaking MLLMs

Researchers have developed MIDAS, a new jailbreaking framework that successfully bypasses safety mechanisms in Multimodal Large Language Models by dispersing harmful content across multiple images. The technique achieved an 81.46% average attack success rate against four closed-source MLLMs by extending reasoning chains and reducing security attention.

$LINK
AIBearisharXiv – CS AI · Mar 37/108
🧠

VidDoS: Universal Denial-of-Service Attack on Video-based Large Language Models

Researchers have discovered VidDoS, a new universal attack framework that can severely degrade Video-based Large Language Models by causing extreme computational resource exhaustion. The attack increases token generation by over 205x and inference latency by more than 15x, creating critical safety risks in real-world applications like autonomous driving.

CryptoNeutralCryptoSlate · Feb 287/107
⛓️

XRP Ledger nearly shipped a feature that could drain accounts without owners signing

A critical security vulnerability was discovered in XRP Ledger's proposed 'Batch' amendment that could have allowed unauthorized account draining without user signatures. The XRPL Foundation caught the flaw before it reached the main network, preventing potential exploitation of user funds.

XRP Ledger nearly shipped a feature that could drain accounts without owners signing
$XRP
DeFiBullishEthereum Foundation Blog · Sep 156/103
💎

Fusaka $2,000,000 Audit Contest!

Fusaka announces a $2,000,000 audit contest co-sponsored by Gnosis and Lido, hosted on Sherlock platform. The four-week contest starting September 15th aims to identify vulnerabilities in the Fusaka upgrade before network deployment.

AINeutralOpenAI News · Jul 176/106
🧠

Agent bio bug bounty call

OpenAI has launched a Bio Bug Bounty program inviting researchers to test ChatGPT agent's safety mechanisms using universal jailbreak prompts. The program offers rewards up to $25,000 for identifying vulnerabilities in the AI system's safety protocols.

CryptoBullishEthereum Foundation Blog · Nov 256/102
⛓️

Ethereum Protocol Attackathon is Live

The Ethereum Foundation has launched its first protocol Attackathon with a $1.5 million reward pool, running from November 25th to January 20th and hosted by Immunefi. The initiative aims to enhance Ethereum protocol security by incentivizing researchers to identify vulnerabilities.

$ETH
CryptoNeutralEthereum Foundation Blog · May 36/102
⛓️

Secured #5: Public Vulnerability Disclosures Update

The Ethereum Foundation has disclosed a second set of vulnerabilities through its Bug Bounty Program, following their coordinated disclosure process. These security issues were previously discovered and reported to the Foundation, which then coordinates with affected teams to address the vulnerabilities across the ecosystem.

Secured #5: Public Vulnerability Disclosures Update
$ETH
AIBullishOpenAI News · Apr 116/106
🧠

Announcing OpenAI’s Bug Bounty Program

OpenAI has launched a bug bounty program to enhance the security and reliability of their AI systems. The initiative seeks external help from security researchers to identify vulnerabilities as part of their commitment to developing safe and advanced AI technology.

CryptoNeutralEthereum Foundation Blog · Mar 96/101
⛓️

Secured #2: Public Vulnerability Disclosures

The Ethereum Foundation disclosed the first set of vulnerabilities from its Bug Bounty Programs for both Execution and Consensus layers. These security issues were previously discovered and reported through the foundation's official bounty programs, representing a transparent approach to vulnerability management.

Secured #2: Public Vulnerability Disclosures
$ETH
CryptoBullishEthereum Foundation Blog · Sep 96/103
⛓️

Secured no. 1

A bug bounty program was launched to identify vulnerabilities in the beacon chain specification and client implementations including Lighthouse, Nimbus, Teku, and Prysm. The program has yielded enlightening vulnerability reports and valuable lessons from patching potential security issues.

Secured no. 1
CryptoNeutralEthereum Foundation Blog · Nov 96/103
⛓️

Analysis of Storage Corruption Bug

A storage corruption bug discovered last week was found to be much less severe than initially believed. The small number of affected contracts are either only exploitable by owners or can only cause service disruptions rather than financial losses.

CryptoBearishEthereum Foundation Blog · Sep 226/101
⛓️

Transaction spam attack: Next Steps

A transaction spam attack targeted the network using EXTCODESIZE opcode calls, causing blocks to take 20-60 seconds to validate due to excessive disk fetches. This resulted in a 2-3x reduction in network performance as validators struggled to process the malicious transactions.

CryptoBearishEthereum Foundation Blog · Jul 226/102
⛓️

Hive: How we strived for a clean fork

The article discusses challenges faced during the DAO soft-fork attempt, highlighting underestimated side effects on the consensus protocol including DoS vulnerabilities and implementation data races. The rushed implementation introduced critical technical issues that posed significant risks to the network.

CryptoBearishEthereum Foundation Blog · Aug 206/102
⛓️

Security alert [consensus issue]

A consensus issue occurred on the Ethereum Frontier network at block 116,522 on August 20, 2015, involving a state database problem in geth that could lead to deletion of account data. The issue has been classified as high impact but has since been fixed.

CryptoBearishEthereum Foundation Blog · Feb 96/103
⛓️

Why Not Just Use X? An Instructive Example from Bitcoin

Bitcoin developer Gregory Maxwell discusses a design flaw in the Bitcoin protocol that allows third parties to mutate valid transactions while keeping them functionally identical but with different identifiers. This transaction malleability issue represents a significant technical vulnerability in Bitcoin's architecture.

$BTC
CryptoNeutralEthereum Foundation Blog · Feb 214/103
⛓️

Pectra Audit Competition Launches on Cantina

Pectra Audit Competition launches on Cantina platform, running from February 21 to March 24. The month-long security audit competition aims to engage the security community to identify potential issues in the Pectra system.

← PrevPage 5 of 5