149 matches found
Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet
TrendAI™ Research analyzed an intrusion where threat actors used the EtherHiding technique to route ClearFake payload delivery through smart contracts on the BNB Smart Chain testnet. The attack chain ended with two simultaneously deployed stealers, SectopRAT and ACRStealer alongside an on-chain...
bug-bounty-hunts
Bug Bounty Hunts Curated writeups and proof-of-concept materi...
Execution Is the New Attack Surface: Survivability-Aware Agentic Crypto Trading with OpenClaw-Style Local Executors
OpenClaw-style agent stacks turn language into privileged execution: LLM intents flow through tool interception, policy gates, and a local executor. In parallel, skill marketplaces such as skills.sh make capability acquisition as easy as installing skills and CLIs, creating a growing capability...
CVE-2025-66692
A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service (DoS) via a crafted input...
CVE-2020-12118
The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties...
Directory Traversal
Overview gapless-crypto-data is a Cryptocurrency OHLCV data collection with gap-free guarantee. Retrieves microstructure-enriched kline data from Binance Public Data Repository with automatic gap detection and filling. Affected versions of this package are vulnerable to Directory Traversal due to...
Malicious code in binance.csharp (NuGet)
--- -= Per source details. Do not edit below this line.=-...
One Signature, Multiple Payments: Demystifying and Detecting Signature Replay Vulnerabilities in Smart Contracts
Smart contracts have significantly advanced blockchain technology, and digital signatures are crucial for reliable verification of contract authority. Through signature verification, smart contracts can ensure that signers possess the required permissions, thus enhancing security and scalability...
Malicious Package
Overview binance-connector-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in binance-connector-js (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61b2f0cbecf7f16706a567eb1deed7a8dc1722f112d2a002a9e94e690a066f3d Any computer that has this package installed or running should be considered...
MAL-2025-48615 Malicious code in binance-connector-js (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61b2f0cbecf7f16706a567eb1deed7a8dc1722f112d2a002a9e94e690a066f3d Any computer that has this package installed or running should be considered...
EUVD-2021-1252
Malware in sbrugna...
BATBToken Security Vulnerability
BATBToken is a token smart contract organized by Binance Smart Chain. A security vulnerability exists in the BATBToken smart contract that stems from an improper implementation of access control in the whitelist management function, which could lead to elevated privileges...
EUVD-2025-5082
Malicious code in bioql PyPI...
MAL-2025-47747 Malicious code in binance-sdk-ebate (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 43db9ff01b53b59066c74bb7571e281c1364444174851bd25c272e8fd7f3f503 Example of typosquatting package, with rather safe using localhost as exfiltration target. Package targets a typo in the Binance documentation:...
Malicious code in binance-sdk-ebate (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 43db9ff01b53b59066c74bb7571e281c1364444174851bd25c272e8fd7f3f503 Example of typosquatting package, with rather safe using localhost as exfiltration target. Package targets a typo in the Binance documentation:...
Malicious code in binance-dev (npm)
The package communicates with a domain associated with malicious activity...