-
# 每日安全资讯(2023-08-25)
- HackerOne Hacker Activity
- [ ] [Cache Poisoning allows redirection on JS files](https://hackerone.com/reports/1795197)
- [ ] [An Attacker Can Flag Draft Job Posts And Can …
-
One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to …
-
yesterday after I entered my wallet on my laptop I found that my money was gone by one transaction. The transaction's TXID was
ccd6dbffcdf801821906d21e426f9f170b49fa0fb97edcbe01e538c32651788e
and lo…
-
A threat highlight from the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC): Summary As the 2023 school year begins, threat actors are poised to launch various types of cyberatta…
-
### Tutorial title
Scam Token 101
### Tutorial description
In this tutorial the reader learns many of the tricks used by scam tokens (tokens that pretend to be other than what they really are) to a…
-
### Exchange Name
Reedus Andrew
### URL of the Exchange
https://github.com/
### URL of the Exchange's API docs
https://github.com/
### Why should this exchange be implemented?
“I invested with …
-
## AEP-02M: Lingering Token Approvals
| Type | Severity | Location |
| ---- | -------- | -------- |
| [Logical Fault](/appendix/finding-types#logical-fault) | | [ArbitraryExecutionPermit2Adapter…
-
# 每日安全资讯(2023-07-28)
- Security Boulevard
- [ ] [How scammers used SEO to disguise themselves as an electric utility](https://securityboulevard.com/2023/07/how-scammers-used-seo-to-disguise-themsel…
-
# 每日安全资讯(2023-06-17)
- HackerOne Hacker Activity
- [ ] [Logging in without knowing credentials after logged out action](https://hackerone.com/reports/1971610)
- [ ] [CSRF with logout action](http…
-
berlin-101
medium
# Missing extension whitelist opens attack vector for malicious extensions
## Summary
The IronBank protocol embraces the concept of extensions. But it does not maintain a whiteli…