Bitcoin Core’s Optech Newsletter #306 is recommending users to, “to upgrade to Bitcoin Core 25.0 or higher within the next two weeks, with the latest version being 27.0.” A new policy was discussed by several Bitcoin Core project members concerning disclosures of vulnerabilities. Low-severity vulnerabilities will be disclosed about two weeks after a new version […]
ThemeFusion’s multipurpose WordPress theme Avada has patched an Arbitrary File Upload Vulnerability. Avada is one of ThemeForest’s most popular premium themes with nearly 950k sales. This vulnerability was reported responsibly by Muhammad Zeeshan (Xib3rR4dAr) during Wordfence’s Bug Bounty Extravaganza earning him $ 2,751. The researchers have categorized it as a …
First disclosed by security researcher Calvin Alkan of snicco, the vulnerability impacts all versions of Bricks Builder before version 1.9.6.1. Identified as a Remote Code Execution (RCE) flaw, it poses a critical security risk, allowing attackers to potentially gain unauthorized control over websites running on an affected version of Bricks. What is …
Luke Dashjr, Bitcoin developer and CTO of Mummalin, has registered a method that allows Ordinal inscriptions to be saved on the Bitcoin blockchain as a code vulnerability. The vulnerability, CVE-2023-50428, states that “datacarrier size limits can be bypassed by obfuscating data as code,” as Ordinal inscriptions do to embed images and other kinds of data […]
Thirdweb, a Web3 development framework provider, has announced that it has started mitigating a vulnerability that could potentially affect thousands of smart contracts across several networks. The vulnerability, uncovered in November, impacts various pre-built smart contracts that the framework provides for rapidly deploying applications using an undisclosed open-source library. Thirdweb Mitigates Critical Vulnerability Across Dozens […]