you are my hero ❤️

Be care!

下载软件前需要干的两件事：1. 验证是否是官方网站；2.验证下载的文件hash。做到上述步骤可以防止99.9%的攻击

Do Not Miss！

Sad

Haha

最大的scam出现了！

处理了一个 sol 上的被盗案例。被害者复制了私钥导入 chrome 钱包，结果被读取了粘贴板，所有的$TRUMP 都被转走

🤣

root cause was consortium address in fake LBTC controled by attacker.

说实话，和链上安全关系不大。主要是基础安全不过关，导致多签名持有人被突破了

曾经多次参与处理过Web3 Ecosystem的安全事件，我总结了一条规律。攻击人永远是最简单的。

我也觉得这块设计可能不太周全，首先cold wallet交易不是高频操作，第二cold wallet的操作也不是时间敏感的。完全可以先放到local fork模拟一遍检测一下是否和预期相同。

Bybit Hack Forensics Report As promised, here are the preliminary reports of the hack conducted by Sygnia and Verichains Screenshotted the conclusion and here is the link to the full report: docsend.com/view/s/rmdi832…

WTF...

永远记住，需要用的软件一定要在官网下载

The GPU shares similar microcode across products, which is why CVE-2025-21479/80 is so interesting. Whomever had it burned (reach out to me pls) had a crazy versatile bug ruined. The affected GPU versions run on multiple different product types (IoT/phones/laptops & future auto.