vulnerabilities

Jamieson O'Reilly, who is introduced as a "hacker" on X, posted that he has attempted to contact Moltbook in the past few hours, as the platform has publicly exposed its complete database without any protective measures. The leaked information includes secret API keys, allowing anyone to post content on behalf of any agent.Jamieson O'Reilly pointed out that the affected parties include Karpathy, a well-known figure in the AI field with 1.9 million followers on the X platform, as well as all agents currently visible on the platform. At present, anyone could exploit this vulnerability to post false AI safety statements, promote cryptocurrency scams, or incite political statements in the name of others. Jamieson O'Reilly is calling for relevant individuals to assist in contacting the founder to resolve this exposure issue.

According to The Hacker News, Cyata researchers have disclosed three critical security vulnerabilities (CVE-2025-68143/44/45) in the mcp-server-git maintained by Anthropic, which can be exploited for path traversal and parameter injection, potentially leading to remote code execution.These vulnerabilities can be weaponized through prompt injection, allowing attackers to trigger the attack simply by controlling the AI assistant to read malicious content. The vulnerabilities have been patched in the versions released in September and December 2025, and the official has removed the git_init tool and enhanced path validation, recommending users to update to the latest version as soon as possible.

Three security vulnerabilities have been discovered in the official mcp-server-git maintained by Anthropic. These vulnerabilities can be exploited through prompt injection attacks, allowing attackers to trigger the vulnerabilities via malicious README files or compromised web pages without direct access to the victim's system. The vulnerabilities include: CVE-2025-68143 (unrestricted git_init), CVE-2025-68145 (path validation bypass), and CVE-2025-68144 (parameter injection in git_diff).When these vulnerabilities are combined with the file system MCP server, attackers can execute arbitrary code, delete system files, or read arbitrary file contents into the large language model context. Cyata points out that since mcp-server-git does not perform path validation on the repo_path parameter, attackers can create Git repositories in any directory on the system. Additionally, by configuring a cleanup filter in .git/config, attackers can run shell commands without execution permissions. Anthropic assigned CVE identifiers and submitted a patch on December 17, 2025. Users are advised to update mcp-server-git to version 2025.12.18 or higher.

Genius announced on the X platform that, in response to community feedback regarding platform trading issues, several vulnerabilities have been fixed, including:Significant reduction in Gas fees: Fixed the issue of overestimation of Gas limits on-chain due to EIP-1559 and the problem of maxPriorityFeePerGas being set too high;Optimized BNB cross-chain exchange: Added a small Gas buffer to prevent transaction failures due to insufficient Gas, while not significantly increasing Gas fees;Fixed the cross-chain transaction fee sponsorship issue using EIP-7702: Updated the process to correctly execute cross-chain transactions sponsored by third parties (no longer experiencing issues from the old version).

According to market news, Bitcoin Core announced that there is a serious vulnerability in versions 30 and 30.1 when migrating old version (BDB format) wallets, which in rare cases may lead to the accidental deletion of all wallet files in the node. If there is no backup, it could result in permanent loss of funds.This only affects the legacy wallet migration process, and regular usage and existing wallets are not impacted. The official fix for this vulnerability will be in version 30.2, and please do not perform wallet migration operations before that.

Ethereum founder Vitalik reiterated the purpose of Ethereum, stating, "The creation of Ethereum is not to make finance more efficient or applications more convenient, but to give people freedom." This is an important and controversial statement from the "Unpermissioned Manifesto" that deserves our re-examination and a better understanding of its meaning. Words like "efficient" and "convenient" imply improving the average situation in an already quite good context. Efficiency refers to allowing the world's best engineers to pour their souls into reducing latency from 473 milliseconds to 368 milliseconds, or increasing the yield from 4.5% APY to 5.3% APY.Convenience means enabling people to register in 20 seconds instead of 1 minute with just one click instead of three. These things may be well done. But we must understand that we can never outplay the corporate players in Silicon Valley in this game.Therefore, the main underlying game that Ethereum must play must be a different game. This game is resilience. Resilience is not about 4.5% APY versus 5.3% APY, but about minimizing your risk of suffering -100% APY. Resilience means that if you become politically unpopular and get banned, or your application developers go bankrupt or disappear, or Cloudflare goes down, or a cyberwar breaks out, your 2000 milliseconds of latency still remains at 2000 milliseconds. Resilience is that anyone, anywhere in the world can access the network and become a top-tier participant.Resilience is sovereignty, in the sense of "digital sovereignty" or "food sovereignty"—actively reducing vulnerability to external dependencies that can be arbitrarily stripped away at any time. This is the game that Ethereum is suited to win. Ethereum must first and foremost be a decentralized, permissionless, and resilient block space—then make it rich.

According to official news from SlowMist, the agency has discovered potential serious security vulnerabilities at the HitBTC exchange. SlowMist stated that it has disclosed relevant information to HitBTC in advance via private message, but has not yet received a response.

Slow Mist's Yu Sin stated on platform X that the Slow Mist team discovered serious vulnerabilities on two trading platforms (directly affecting fund security), but they were unable to reach anyone, and public contact received no response.Yu Sin also mentioned that one of these trading platforms has a 24-hour trading volume of $3.7 billion, while the other has $240 million. The Slow Mist team's account tweeted that they had proactively contacted a trading platform named "ICRYPEX Global" yesterday.

BitsLab co-founder Luis_0xyi posted on X platform: "A reminder to be cautious when using Chrome extension wallets on Windows computers with large funds. BitsLab recently discovered a vulnerability present in several top extension wallets that can be used to directly steal private keys. This issue affects extension wallets from major exchanges like Coinbase Wallet, Binance Wallet, and others, but the exploitation scenario has certain requirements. We will disclose more after the fix."

Slow Mist has sent a security notification to the cryptocurrency exchange ICRYPEX Global, stating that a potential serious vulnerability has been discovered. Slow Mist urges ICRYPEX Global to contact them as soon as possible to coordinate the next steps.

Slow Mist has sent a security notification to the cryptocurrency exchange Azbitm, stating that potential vulnerabilities have been discovered and that they have reached out via private message in accordance with responsible disclosure principles, but have not yet received a response.Slow Mist urges Azbitm to contact them as soon as possible to coordinate the next steps.

According to Coindesk, the U.S. Financial Stability Oversight Council (FSOC) has removed warnings about vulnerabilities related to digital assets in its latest annual report. This regulatory body, established after the 2008 financial crisis, has previously listed digital assets as one of the risks to the financial system every year.Treasury Secretary Yellen stated in the report that financial stability requires not only attention to risks but also the promotion of long-term economic growth. The 2025 report was reduced from 140 pages to 87 pages, completely removing the term "vulnerabilities" and no longer expressing explicit concerns or regulatory recommendations regarding the crypto industry. The report instead praised the advantages of the industry and noted that dollar stablecoins help reinforce the dollar's position in the international financial system.

The Donjon research team at Ledger demonstrated that electromagnetic fault injection (EMFI) can completely compromise a commonly used MediaTek smartphone chip, which is utilized in many Android phone models. The issue requires attackers to have physical access to the device, but it highlights the risks faced by users storing private keys on smartphones.Ledger stated that its team studied the MediaTek Dimensity 7300 (MT6878) chip produced by TSMC. Researchers used EMFI tools to disrupt the chip's boot read-only memory (boot ROM), successfully bypassing core security checks and gaining full control of the chip, allowing it to run arbitrary code at the highest privilege level (EL3). Ledger emphasized that this finding does not affect Ledger hardware wallets.Ledger disclosed this vulnerability to MediaTek in May. MediaTek responded that EMFI attacks are beyond the security scope of the MT6878 chip, which is designed for consumer products rather than financial or hardware security module applications. Additionally, MediaTek stated that devices with higher security requirements, such as cryptographic hardware wallets, should include specialized defensive measures.At the time of the report's release, physical attack incidents targeting cryptocurrency users were on the rise.

According to the cutting-edge red team test results released by Anthropic, AI agents identified multiple smart contract vulnerabilities in a simulated blockchain environment, with a potential exploit amount of up to $4.6 million.The tests covered the complete process of contract analysis, command line tool configuration, network reconstruction, exploit generation, and validation, and introduced a new benchmark for smart contract security assessment. This research was jointly completed by Anthropic, the MATS project, and the Fellows program.

According to the Nikkei News, the Financial Services Agency of Japan will require cryptocurrency exchanges to establish a reserve fund to compensate users for losses in the event of a hacking attack or security breach.

According to Cointelegraph, the Cardano network experienced a temporary chain split due to a "format error" in a delegated transaction. This type of delegated transaction refers to transactions that delegate ADA to a staking pool, which, while valid at the protocol level, can lead to code failures that affect network functionality.According to an incident report released by the Cardano ecosystem organization Intersect, this "format error" transaction exploited an old code vulnerability in the underlying software library of the Cardano blockchain, causing nodes to have discrepancies in how they processed the transaction, ultimately resulting in a network split. The vulnerability was caused by an ADA staking pool operator named Homer J, who used AI-generated code to facilitate the transaction and has admitted responsibility for the network split.Staking pool operators were urged to download the latest version of the node software to fix the issue and to reintegrate the split chains into a single complete blockchain. This temporary split sparked debate within the Cardano community, with some arguing that Homer J's actions helped expose critical vulnerabilities, while others, including Cardano founder Charles Hoskinson, labeled it an attack on the Cardano network, prompting an investigation by the FBI.One user quipped, "No one noticed the network partition of Cardano because no one is using it."

According to Cointelegraph, Bitcoin Core has passed its first third-party security audit, confirming that the software securing the Bitcoin network is highly mature, with no serious vulnerabilities found.The audit was conducted by the French security company Quarkslab, commissioned by the Open Source Technology Improvement Fund (OSTIF) and implemented on behalf of the Bitcoin Core development funding organization Brink. During the 104-day audit period from May to September, the reviewers assessed the most sensitive components of the project, with particular attention to the P2P layer and block validation logic. The report noted that despite the large size of the Bitcoin Core codebase, which contains over 200,000 lines of C++ code and more than 1,200 deployed test cases, the auditors assessed it as "the most mature and well-tested." The team found no high or medium severity vulnerabilities, only two low severity issues, along with a series of recommendations for improvements mainly related to fuzz testing tools and test coverage. These findings did not impact the consensus mechanism, denial-of-service resistance, or transaction validation.

The Slow Mist security team recently analyzed the open-source automated futures trading system NOFX AI based on DeepSeek/Qwen and discovered multiple serious authentication vulnerabilities. They pointed out that the system has a "zero authentication" mode under default configuration, with administrator mode directly enabled, allowing all requests to pass without verification. Attackers can access /api/exchanges and obtain complete API keys and private keys. Although JWT has been added in the "authorization required" mode, the default jwt_secret still exists, and if the environment variable is not set, it will revert to the default key. Furthermore, in this mode, sensitive fields are still output in raw JSON, meaning that if the token is forged or stolen, it can also lead to key leakage.Slow Mist stated that as of now, they have identified over a thousand publicly deployed instances using vulnerable configurations and have coordinated with the security teams of Binance and OKX to complete the relevant credential replacements. The team urges all users to upgrade their systems immediately, especially those running robots on Aster or Hyperliquid should check their settings as soon as possible.

Berachain announced that all funds lost due to the BEX / Balancer v2 vulnerability (approximately $12.8 million) have been returned to the Berachain Foundation Deployer address. The blockchain has resumed operation.The minting/redeeming function of HONEY has also been restored accordingly, but all BEX functions are restricted, including redemption, withdrawal, and deposits. For those with large pools of stolen funds from independent depositors, the Berachain core team is currently developing a system that will return deposits to their original addresses and allocate them to users accordingly. The team reminds that users with deposits in BEX that have not been attacked are temporarily unable to withdraw. This is out of caution, as the cause of the Balancer vulnerability has not yet been fully determined.