Neverland – Back-running reward notification The rewards may have been partially stolen. Vulnerability Details The DuctLock contract currently permits a new reward to be added to the next epoch […]
SEAL Certification Goes Live: Composable Security in the First Accreditation Cohort Today the Security Alliance (SEAL) announced that its Certification program is moving from pilot into live engagements. SEAL Certification Goes Live: Composable Security in […]
How to Minimize the Risk of Prompt Injection? Learn how to reduce prompt injection risk in LLM apps and AI agents using threat modeling, least privilege, output validation, monitoring, and adversarial testing. […]
ERC-8004: a practical explainer for trustless agents For agents to cooperate with each other, they need to know about the existence of other agents, what abilities they have, and to be […]
Red Flags and Green Flags of Yield Bearing Stablecoins Below are practical green flags and red flags you can verify yourself using a project’s website, documentation, and a blockchain explorer. Each flag includes […]
Yield bearing stablecoins Yield bearing stablecoins are tokens designed to hold a peg while earning interest for holders. Sounds good, right? However, where there’s yield, there’s also […]
Smart Security Practices From The Best What do Lido, Red Stone, YieldNest, and Braintrust have in common? They’ve developed effective methods for improving security without drastically increasing costs. Top-tier protocol […]
Lido – Node Operator can exit and slash their validator to move withdrawal finalization border epoch Bypassing the border epoch as determined by the mass slashing event. Vulnerability Details During a mass slashing event, the withdrawal queue may delay finalization […]
Lido – Uncaught exception on creating ejection report The report generation cannot be completed and submitted due to this bug. Vulnerability Details The get_remaining_forced_validators function is designed to remove validators that are […]
