CVE-2025-69893

A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant...

EUVD-2020-6354

Malware in sbrugna...

Compact and Selective Disclosure for Verifiable Credentials

Self-Sovereign Identity SSI is a novel identity model that empowers individuals with full control over their data, enabling them to choose what information to disclose, with whom, and when. This paradigm is rapidly gaining traction worldwide, supported by numerous initiatives such as the European...

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

Hardware Crypto Wallets vs. Mobile vs. Desktop: Which Should You Choose?

Crypto wallets are essential in keeping your cryptocurrency safe. There are different types of wallets available and choosing…...

Financial cyberthreats in 2022

Financial gain remains the key driver of cybercriminal activity. In the past year, weve seen multiple developments in this area – from new attack schemes targeting contactless payments to multiple ransomware groups continuing to emerge and haunt businesses. However, traditional financial threats ...

Cold wallet, hot wallet, or empty wallet? What is the safest way to store cryptocurrency?

In August of 2021, a thief stole about $600 million in cryptocurrencies from The Poly Network. They ended up giving it back, but not because they were forced to. Slightly more than one week later, Japanese cryptocurrency exchange Liquid was hacked and lost $97 million worth of digital coins. Thes...

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

Design/Logic Flaw

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

CVE-2020-14199

The CVE-2020-14199 issue is a BIP-143 signing mishandling in the Bitcoin protocol that can mislead users into producing two signatures during Segwit transactions. Affected products are Trezor One firmware before 1.9.1 and Trezor Model T firmware before 2.3.1; these devices have firmware updates t...

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

PT-2020-13926

Name of the Vulnerable Software and Affected Versions: Trezor One versions prior to 1.9.1 Trezor Model T versions prior to 2.3.1 Description: The issue in the Bitcoin protocol specification, specifically BIP-143, mishandles the signing of a Segwit transaction. This allows attackers to trick a use...

Cryptocurrency Hardware Wallets Can Get Hacked Too

New research shows vulnerabilities in popular cold-storage options that would have revealed their PINs...

Monero: Hardware Wallets Do Not Check Unlock TIme

Summary: The hardware wallet implementations using the monero wallet do not check the unlock time when signing. This allows malware on the user's computer which the hardware wallet should protect from to permanently lock-up all the user's funds if the user signs a transaction on the device with a...