179 matches found
CVE-2026-40583
UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails authorization only after state mutation has already occurred...
CVE-2026-40583
UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails authorization only after state mutation has already occurred...
CVE-2026-40583
UltraDAG (Rust, version 0.1) has a vulnerability where a non-council attacker can submit a signed SmartOp::Vote, passing signature/nonce/balance prechecks, but authorization fails only after state mutation has occurred. This leads to a fatal supply invariant halt per CVE-2026-40583. The issue is ...
CVE-2026-40583 UltraDAG: SmartOp Vote Path Triggers Fatal Supply Invariant Halt
UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails authorization only after state mutation has already occurred...
CVE-2026-40583
UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails authorization only after state mutation has already occurred...
CVE-2026-40583 UltraDAG: SmartOp Vote Path Triggers Fatal Supply Invariant Halt
UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails authorization only after state mutation has already occurred...
TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian state-sponsored threat group known as...
EUVD-2015-3030
Malware in sbrugna...
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3
Microsoft launched its Cybersecurity Governance Council in 2024, and with it, named a group of deputy chief information security officers that ensure comprehensive oversight of the company’s cybersecurity risk, defense, and compliance. These leaders work in tandem with product and engineering...
Man Behind SEC Bitcoin Hoax Tweet Sentenced in SIM Swap Hack
Eric Council Jr. sentenced for 2024 SIM swap that led to fake Bitcoin ETF tweet from SEC’s X account, briefly impacting crypto markets...
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2
Microsoft launched its Cybersecurity Governance Council in 2024, and with it, named a group of deputy chief information security officers that ensure comprehensive oversight of the company’s cybersecurity risk, defense, and compliance. These leaders work in tandem with product and engineering...
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2
Microsoft launched its Cybersecurity Governance Council in 2024, and with it, named a group of deputy chief information security officers that ensure comprehensive oversight of the company’s cybersecurity risk, defense, and compliance. These leaders work in tandem with product and engineering...
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity
Microsoft launched its Cybersecurity Governance Council in 2024, and with it, named a group of deputy chief information security officers that ensure comprehensive oversight of the company's cybersecurity risk, defense, and compliance. These leaders work in tandem with product and engineering...
Malicious code in lido-council-daemon (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 99bf57f31f9431fe457ef726885325190325ba8e48b1adc3b4c0b599405554b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9688 Malicious code in lido-council-daemon (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 99bf57f31f9431fe457ef726885325190325ba8e48b1adc3b4c0b599405554b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
California AI Safety Bill Vetoed
Governor Newsom has vetoed the state's AI safety bill. I have mixed feelings about the bill. There's a lot to like about it, and I want governments to regulate in this space. But, for now, it's all EU. Related, the Council of Europe treaty on AI is ready for signature. It'll be legally binding wh...
fffl.councilforeconed.org Cross Site Scripting vulnerability OBB-3943777
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Rapid7 Signs 100% Talent Compact with Boston Women’s Workforce Council
The effort aims to help close gender and racial pay gaps Rapid7 is proud to announce their signing of the 100% Talent Compact through the Boston Women’s Workforce Council BWWC. The Talent Compact is a collective effort among the Boston Mayor and local employers to close the gender and racial wage...
thailandtourismcouncil.org Cross Site Scripting vulnerability OBB-3905859
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
familyinformationdirectory.dorsetcouncil.gov.uk Cross Site Scripting vulnerability OBB-3896116
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...