SlowMist's Chief Information Security Officer (CISO) 23pds posted on X platform that there is a file format bypass vulnerability caused by a spelling error in Telegram's official platform. Users are advised to update and pay attention to security.
Welcome Back
Click “Sign in” to agree to Cointime’s Terms of Service and acknowledge that Cointime’s Privacy Policy applies to you.
Join CoinTime
Already have an account?
Click “page.Sign up” to agree to Cointime’s <a class="underline" href="#term-of-service">Terms of Service</a> and acknowledge that Cointime’s a class="underline" href="#privacy-policy">Privacy Policy</a> applies to you.
Sign in with email
Sign up with email
Your email
Check your inbox
Click the link we sent to to sign in.
Click the link we sent to to sign up.
SlowMist CISO: A spelling error on Telegram official website led to another file format bypass execution vulnerability
-
Wechat scan to share
Recommended for you
-
Lutnick, Cantor Fitzgerald negotiated a 5% ownership stake in Tether: WSJ
Cantor, which holds most of Tether’s $133 billion in reserves, negotiated a 5% ownership interest in the stablecoin issuer within the past year, according to The Wall Street Journal.
-
Bitcoin price dip may spur buying spree in BNB, AVAX, NEAR and OKB
Bitcoin sellers take the upper hand as BTC struggles to rally to $100,000. What will altcoins do?
-
Bitcoin may reach $180K by the end of 2025 — TYMIO founder
The current CryptoQuant Bitcoin exchange reserve metric is roughly 2.5 million coins — the lowest level recorded during this market cycle.
-
-
Comparing IBIT & CBOE to BTC Options on Deribit
Since this week the crypto derivatives market offers various platforms for trading Bitcoin options, most notably the iShares Bitcoin Trust ETF (IBIT) options in the U.S. and the BTC options on Deribit and soon the ETF index options on CBOE.
-
Cosine: After a user used GPT to write a bot with a backdoor code, the private key was sent to a phishing website
SlowMist Yu Xian stated in a post on the X platform that a user used GPT to write a bot with code and sent the private key to a phishing website. The reason why the private key was stolen was because it was directly sent to the phishing website in the HTTP request body. Yu Xian reminded that when using LLM such as GPT/Claude, one must pay attention to the common fraudulent behavior of these LLM. It was previously mentioned that AI poisoning attacks were carried out, and now this is a real attack case targeting the crypto industry. -
Polymarket Blocks French Users Amid Government Investigation into Gambling Law Compliance
Polymarket has blocked users from France following reports of an investigation by the country's gaming authority for compliance with gambling laws. The ban was not stated in Polymarket's terms of service, but French users attempting to access the website using a VPN from a French server were met with a digital blockade. The ANJ, France's national gaming authority, began investigating Polymarket after a French trader placed large bets on Donald Trump winning the 2024 US Presidential election. -
Yao Qian, former director of the Science and Technology Supervision Department of the China Securities Regulatory Commission, was expelled from the party and removed from public office for allegedly u
the Discipline Inspection and Supervision Team of the Central Commission for Discipline Inspection and the National Supervision Commission stationed in the China Securities Regulatory Commission and the Supervision Commission of Shantou City, Guangdong Province, recently conducted disciplinary review and supervision investigations into Yao Qian, former director of the Science and Technology Supervision Department of the China Securities Regulatory Commission and former director of the Information Center, for serious violations of discipline and law. -
SlowMist: Will help law enforcement agencies track down the stolen funds from DEXX. Currently, about 2,000 suspicious addresses have been roughly identified.
SlowMist announced on X platform that its team will assist law enforcement agencies in tracking stolen funds and analyzing related clues. A complete list of hacker addresses will soon be released with DEXX. Currently, about 2,000 suspicious addresses have been roughly identified. -
DEXX: If all assets are recovered, full compensation will be given immediately
DEXX, the on-chain trading terminal, has released an update regarding the previous security incident. DEXX has officially filed a lawsuit and the SlowMist team is actively assisting law enforcement in the follow-up investigation. At the same time, DEXX is actively discussing compensation plans. Regarding compensation:
Daily Must-Read
-
Uniswap Labs, UNI holders could make $468M a year from new L2: DeFi Report
-
Avalanche Foundation to buy back nearly 2M AVAX sold to Terra in 2022
-
Gold Fever Hits Costco: 77% of Stores Sell Out Amid Soaring Demand for Bullion
-
$500M Bitcoin Buried in Landfill: Man Sues City After Decade-Long Battle for Recovery
-
Former BAYC creative director Jeff Nicholas joins Meta’s Reality Labs
-
Why is Solana's Dogwifhat (WIF) memecoin crashing?
All Comments