Defendor

Sign in Subscribe

Latest

Intel and AMD Chip Security Falls to Low-Cost Physical Attacks Exploiting Memory Encryption Flaws

Intel and AMD Chip Security Falls to Low-Cost Physical Attacks Exploiting Memory Encryption Flaws

Source: Intel and AMD trusted enclaves-the backbone of network security-fall to physical attacks Intel and AMD’s secure enclaves, relied upon by cloud providers to protect sensitive data, have been compromised by new physical attacks targeting memory encryption techniques. These findings raise significant concerns for projects depending on Trusted Execution

How Cross-Chain Bridges Get Hacked: Top Exploits & How to Stay Safe

How Cross-Chain Bridges Get Hacked: Top Exploits & How to Stay Safe

Source: Officer's Blog - How Cross-Chain Bridges are Hacked? Cross-chain bridges are essential tools enabling assets and data to move between isolated blockchains like Ethereum, Solana, and Binance Smart Chain. They fuel the multi-chain DeFi, NFT, and enterprise economies by unlocking liquidity and facilitating cheaper transactions. But this

The Notorious Bug Digest #5: Breaking EIP-7702 Assumptions, JIT Penalty Bypass & Recursive Function Exploit Explained

The Notorious Bug Digest #5: Breaking EIP-7702 Assumptions, JIT Penalty Bypass & Recursive Function Exploit Explained

Source: The Notorious Bug Digest #5 – OpenZeppelin Overview OpenZeppelin’s latest bug digest reveals three critical Web3 security findings, dissecting complex incidents that expose emerging risks in the post-EIP-7702 era, Uniswap V4’s penalty mechanism, and recursive function pitfalls in DeFi protocols. 1. EIP-7702 Delegated EOA Exploit Circumvents Flashloan Protection

MYX Finance Exposed: $170M “Mathematical Impossibility” Crypto Scam Uncovered

MYX Finance Exposed: $170M “Mathematical Impossibility” Crypto Scam Uncovered

Source: rekt.news - Parabolic Mirage MYX Finance’s meteoric rise wasn’t just luck or hype-it was a carefully orchestrated market manipulation backed by irrefutable statistical evidence. Analysis of over 9,200 minute-by-minute trades revealed trading patterns so precise they defy probability, exposing what experts call "a mathematical

Yo Protocol's Hidden Risks: Why Audits Alone Won't Protect Your Funds

Yo Protocol's Hidden Risks: Why Audits Alone Won't Protect Your Funds

Source: Yo Protocol’s unseen dangers-Why code audits aren’t enough Yo Protocol, a multi-chain yield optimizer deeply woven into the DeFi ecosystem, recently passed audits by well-known firms – reportedly free of critical vulnerabilities. Yet, a thorough review of its architectural design and documentation reveals significant risks beyond the initial

Red Flags & Green Flags to Spot Safe Yield-Bearing Stablecoins

Red Flags & Green Flags to Spot Safe Yield-Bearing Stablecoins

Source: Red Flags and Green Flags of Yield Bearing Stablecoins | composable-security.com Yield bearing stablecoins aim to maintain a stable peg to fiat currencies while generating yield from lending, staking, or real-world assets. Because they promise both stability and returns, careful scrutiny is essential to ensure their safety and sustainability.

How the U.S. Uncovered $110M Crypto Laundering Tied to Human Trafficking Scams

How the U.S. Uncovered $110M Crypto Laundering Tied to Human Trafficking Scams

Source: How the U.S. Traced $110M Crypto Money Laundering Cases - BlockSec U.S. authorities recently revealed a massive $110 million crypto money laundering operation tied to human trafficking scams across Southeast Asia, exposing critical compliance weaknesses in offshore banking and digital asset ecosystems. Blockchain security firm BlockSec analyzed

Timing Attacks Demystified: From Theory to Real-World Key Recovery

Timing Attacks Demystified: From Theory to Real-World Key Recovery

Source: blog.zksecurity.xyz - Timing Attacks à la Kocher Paul Kocher’s landmark 1996 paper revealed a critical vulnerability: cryptographic operations can leak secret key bits through their execution times. This type of side-channel attack exploits implementation details rather than the math behind the algorithms. Here’s a breakdown

Transitioning from EVM to Solana: Essential Security Concepts You Need to Know

Transitioning from EVM to Solana: Essential Security Concepts You Need to Know

Source: Transitioning from EVM to SVM: Key Concepts for Solana Security Assessment Solana operates differently from Ethereum’s EVM, especially in how it manages programs, storage, and transactions. This guide highlights the key Solana concepts developers and security auditors must understand when assessing Solana programs. Program Derived Addresses (PDAs) and

Formal Verification: The Key to Secure and Reliable Web3 Protocols

Formal Verification: The Key to Secure and Reliable Web3 Protocols

Source: The Role of Formal Verification in Web3 Security As decentralized protocols get more complex and interconnected, formal verification has shifted from a niche technique to a vital security standard. It offers a mathematical guarantee that smart contracts behave exactly as intended, ensuring robust protection against bugs and exploits, especially

DoubleZero Mainnet Launches: Supercharging Solana with 10x Speed & Global Reach

DoubleZero Mainnet Launches: Supercharging Solana with 10x Speed & Global Reach

Source: DoubleZero Mainnet Launch - blog.asymmetric.re DoubleZero has officially launched its mainnet, marking a significant step forward for Solana’s core infrastructure. This launch involves close collaboration with Cohort 0 partners and aims to enhance the blockchain’s speed and reliability for future decentralized applications. Key Upgrades Since

LayerZero Integrates with Sui to Unlock Seamless Cross-Chain Asset Flow

LayerZero Integrates with Sui to Unlock Seamless Cross-Chain Asset Flow

Source: LayerZero and Sui Forge a Powerful Interoperability Partnership LayerZero, a top interoperability protocol connecting over 140 blockchains and facilitating transfers exceeding $120 billion, has officially partnered with Sui to unlock large-scale connectivity for Sui-based assets. Breaking Down Barriers for Multi-Chain Coordination Christian Thompson, Managing Director at Sui Foundation, highlights

HyperVault Rug Pull Exposed: $4.6M Vanished in DeFi Exit Scam

HyperVault Rug Pull Exposed: $4.6M Vanished in DeFi Exit Scam

Source: HyperVault Rugged HyperVault, a promised automated yield optimizer on Hyperliquid's HyperEVM network, abruptly vanished with $4.64 million in user funds. Marketed with buzzwords like "modular strategy adapters" and "keeper-bot harvests," the platform concealed a deeply flawed structure behind fancy terms - no

Griffin AI’s $3M Token Heist: How Admin Keys Turned Their Bridge Into a Money Printer

Griffin AI’s $3M Token Heist: How Admin Keys Turned Their Bridge Into a Money Printer

Source: Griffin AI REKT Griffin AI’s recent launch on Binance Alpha ended in disaster after an attacker exploited LayerZero’s cross-chain protocol to mint 5 billion unauthorized $GAIN tokens-five times the original 1 billion max supply. This led to a hyperinflation event that wiped out more than 90% of