TON 安全漏洞

TON is a blockchain software developed under open source. Versions of TON prior to v2025.06 contained security vulnerabilities. These vulnerabilities stemmed from empty pointer dereferences in the TON Virtual Machine, which could allow attackers to cause verification nodes to crash through...

Integer Overflow

cairo-lang-starknet-classes is vulnerable to Integer overflow. The vulnerability is due to improper bounds checking in the Sierra bytecode decompression logic of the cairo-lang-starknet-classes library, allows an integer overflow to occur when processing malicious Declare v2/v3 transactions...

No deadline for swaps

Lines of code Vulnerability details Impact No deadline for swaps allows transactions to be executed later, unfavourably or maliciously. Proof of Concept When tokens are to be swapped rather than minted, slippage is controlled in uniswapV3SwapCallback by minimumAmountReceived which is calculated...

Gas griefing attack on the removeUserActiveBlocks function

Handle shw Vulnerability details Impact The consumed gas to remove a user's active block is proportional to the total number of array elements i.e., block numbers. However, the array size can be arbitrarily increased by an attacker with only paying gas fees, causing a gas griefing attack when the...

Researchers Bypass Chip and Pin Protections at Black Hat

LAS VEGAS – Credit card companies for the most part have moved away from “swipe and signature” credit cards to chip and pin cards by this point; the technology known as EMV Europay, MasterCard, and Visa which is supposed to provide consumers with an added layer of security is beginning to see som...

Shylock/Caphaw Banking Malware Infections on the Rise

Two dozen major U.S. and European banks are in the crosshairs of the Shylock, or Caphaw, financial malware of late, and victims who trade with one of the 24 financial institutions are at risk of giving up their credentials and losing assets in their accounts. Malware researchers have noticed a ri...