1925 matches found
CVE-2025-46597
Bitcoin Core 0.13.0 through 29.x is affected by an integer overflow (CVE-2025-46597). The CVSS metrics indicate a network-sourced, low-complexity attack with no privileges required and no user interaction, resulting in high availability impact. Connected sources consistently cite the same descrip...
Bitcoin Core 安全漏洞
Bitcoin Core is an open-source client for verifying the validity of blockchain transactions. Versions of Bitcoin Core prior to 29.0 contain security vulnerabilities; these vulnerabilities stem from specially crafted transactions and could lead to denial-of-service attacks...
CVE-2025-46598
Bitcoin Core through 29.0 allows a denial of service via a crafted transaction...
Sextortion “I recorded you” emails reuse passwords found in disposable inboxes
Our malware removal support team recently flagged a new wave of sextortion emails, with the subject line: “You pervert, I recorded you!” If the message sounds familiar, that's because it's a variation of the long-running "Hello pervert" scam. The email claims the target’s device has been infected...
BSV SDK 安全漏洞
The BSV SDK is an open-source developer toolkit for BSV Blockchain. Versions of the BSV SDK prior to 2.0.0 contained security vulnerabilities. These vulnerabilities stemmed from errors in the signature data preparation process within the BRC-104 authentication mechanism, which could lead to...
Improper Following of Specification by Caller
Overview @bsv/sdk is a BSV Blockchain Software Development Kit Affected versions of this package are vulnerable to Improper Following of Specification by Caller in the Peer class, used by the processInitialRequest and processInitialResponse methods. An attacker can cause a signature to be...
GHSA-Q66H-M87M-J2Q6 Bitcoinrb Vulnerable to Command injection via RPC
Summary: Remote Code Execution Unsafe handling of request parameters in the RPC HTTP server results in command injection Details In lib/bitcoin/rpc/httpserver.rb line 30-39, the JSON body of a POST request is parsed into command and args variables. These values are then passed to send, which is...
Bithumb Mistakenly Sends 620,000 Bitcoin ($40B) to Customer Accounts
A system error at Bithumb sent 620,000 Bitcoin worth about $40B to hundreds of users during a promotion, briefly disrupting prices and drawing scrutiny...
CVE-2025-14554
The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'orderformdata' AJAX action in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
EUVD-2025-206583
The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'orderformdata' AJAX action in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
US Seizes $400 Million Linked to Helix Dark Web Crypto Mixer
US authorities take control of over $400 million in crypto, cash, and property tied to Helix, a major darknet bitcoin mixing service used by drug markets...
CVE-2026-1380
The Bitcoin Donate Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings page. This makes it possible for unauthenticated attackers to modify the plugin's settings,...
EUVD-2026-4924
The Bitcoin Donate Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings page. This makes it possible for unauthenticated attackers to modify the plugin's settings,...
CVE-2026-1380
The Bitcoin Donate Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings page. This makes it possible for unauthenticated attackers to modify the plugin's settings,...
CVE-2026-1380
CVE-2026-1380 affects the Bitcoin Donate Button WordPress plugin (
WordPress Bitcoin Donate Button plugin <= 1.0 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Bitcoin Donate Button versions = 1.0...
WordPress Plugin: Bitcoin Donation Button – Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
How Cybercrime Markets Launder Breach Proceeds and What Security Teams Miss
Explore how cybercrime markets turn stolen data into laundered funds using dollar‑pegged assets, mixers and exchanges-and why tracking BTC USDT price and stablecoin flows now matters for security, fraud and AML teams...
CVE-2023-50428
In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code e.g., with OPFALSE OPIF, as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerability from the perspective of the...
CVE-2018-1000891
Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving messages with invalid checksums...