2 matches found
Anyone Can Arbitrarily Call FSDVesting.updateVestedTokens()
Handle leastwood Vulnerability details Impact The updateVestedTokens function is intended to be called by the FSD.sol contract when updating a user's vested token amount. A check is performed to ensure that user == beneficiary, however, as user is a user controlled argument, it is possible to spo...
BBC: MiSafes’ child-tracking smartwatches are ‘easy to hack’
Following our research on the MiSafes kids tracking watch we spoke to the BBC's Rory Cellan-Jones and Leo Kelion about the risks, and what consumers can do. We found that the devices didn't encrypt user data, and that each child's account wasn't secured. The result is that children's movements...