I just published First Bug: Bypassing a Pro Tier Paywall with a Business Logic Flaw medium.com/p/my-first-bug… #BugBounty

Low Confidence Infrastructure – APT43 (Kimsuky) 222[.]73[.]105[.]195 --> 0/94 This IP refers to 2 malicious files imperosnate Yunda Express 91[.]210[.]106[.]42 --> 0/94 146[.]70[.]81[.]61 --> 0/94 resolves --> health15hde[.]xyz 124[.]40[.]247[.]67 --> 0/94

JUST IN 🚨: @ploutos_money exploited for (~$388K) due to a price oracle misconfiguration. The protocol used the BTC/USD Chainlink feed to price USDC, massively inflating its value. The attacker deposited 8 USDC as collateral & borrowed ~187 ETH. Website/socials deleted. Rug?

Earlier today, a user attempted to buy AAVE using $50M USDT through the Aave interface. Given the unusually large size of the single order, the Aave interface, like most trading interfaces, warned the user about extraordinary slippage and required confirmation via a checkbox.