Awesome Motive’s WP Forms plugin has patched a Missing Authorization to Payment Refund and Subscription Cancellation vulnerability. This issue allowed authenticated attackers with Subscriber-level access or higher to refund Stripe payments and cancel subscriptions without proper authorization. Wordfence reports that “The WPForms plugin for WordPress is vulnerable to unauthorized modification of data …
Bruno Vaccotti, Head of Public Affairs of Penguin, a bitcoin mining company, has referred to the existence of what he called “vulture contracts,” and its effects on developing mining operations in Paraguay. Vaccotti stated that large amounts of energy have been assigned through these contracts that have not been taken advantage of and are blocked […]
On Thursday, Zksnacks, the developer behind Wasabi Wallet, announced its decision to cease its coinjoin services following regulatory measures in the U.S. The company stated that the wallet will now operate as a standard non-custodial bitcoin wallet without the coinjoin feature. Zksnacks Withdraws Coinjoin Feature from Wasabi Wallet Following intensified regulatory scrutiny in the U.S., […]
In a recent announcement, Shakepay, the Canadian crypto app, disclosed a data breach involving unauthorized access to personal information of a select group of its customers. The breach, detected on Dec. 13, 2023, compromised data but did not affect any bank accounts, crypto wallets, or customer credentials. Shakepay Addresses Data Breach Concerns, Offers Free Credit […]
Thirdweb, a Web3 development framework provider, has announced that it has started mitigating a vulnerability that could potentially affect thousands of smart contracts across several networks. The vulnerability, uncovered in November, impacts various pre-built smart contracts that the framework provides for rapidly deploying applications using an undisclosed open-source library. Thirdweb Mitigates Critical Vulnerability Across Dozens […]