OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link
A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in v2026.1.29.
"The problem is that clicking on the link to that web page is enough to trigger a cross-site WebSocket hijacking attack because OpenClaw's server doesn't validate the WebSocket origin header."
thehackernews.com/2026/02/open...
06.02.2026 08:28 β π 0 π 0 π¬ 0 π 0
Notepad++ Hijacked by State-Sponsored Hackers | Notepad++
"The attack involved infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org. The incident began from June 2025 until December"
Recommend version: v8.9.1
notepad-plus-plus.org/news/hijacke...
02.02.2026 16:40 β π 0 π 0 π¬ 0 π 0
ERC-1643: Document Management Standard (ERC-1400)
This ERC allows documents to be associated with a smart contract and a standard interface for querying / modifying these contracts, as well as receiving updates (via events) to changes on these docume...
ERC-1643, part of ERC-1400, is one of the oldest tokenization related standard on Ethereum (2018) developed by PolymathNetwork.
It allows to manage on-chain document which is very useful for tokenization and RWA. More information on the Ethereum magician forum: ethereum-magicians.org/t/erc-1643-d...
20.01.2026 19:37 β π 1 π 0 π¬ 0 π 0
GitHub - CMTA/CMTAT-Solana: Solana version of CMTAT
Solana version of CMTAT. Contribute to CMTA/CMTAT-Solana development by creating an account on GitHub.
How do you tokenize RWAs on Solana?
CMTA just released a new specification leveraging the Token Extensions Program (Token-2022).
Now available on GitHub: github.com/CMTA/CMTAT-S...
Glad to have contributed through my work at Taurus
09.12.2025 16:09 β π 0 π 0 π¬ 0 π 0
Shai Hulud Strikes Again (v2) - Socket
Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.
Tracking the latest NPM supply-chain attack (βShai Huludβ):
β’ Socket: socket.dev/blog/shai-hu...
β’ Aikido: www.aikido.dev/blog/shai-hu...
26.11.2025 12:15 β π 0 π 0 π¬ 0 π 0
Bitcoin Core audit - Quarkslab's blog
The Open Source Technology Improvement Fund, Inc. mandated Quarkslab to perform the first public security audit of Bitcoin core, the reference open-source implementation of the Bitcoin decentralized p...
Quarkslab engineers Robin David, Mihail Kirov and Kaname just completed the first public security audit of Bitcoin Core, led by
@ostifofficial.bsky.social and funded by Brink.dev
Details on the blog post:
blog.quarkslab.com/bitcoin-core...
Congrats to developers for such software masterpiece !
19.11.2025 15:40 β π 6 π 5 π¬ 0 π 0
YouTube video by Cryptography 101
Lecture 1. Introduction (Hash-Based Signatures)
Great YouTube playlist to learn more about Hash-Based quantum-safe signature schemes (LMS, XMSS and
SPHINCS+). www.youtube.com/watch?v=pt5W...
#cryptography
18.11.2025 16:37 β π 1 π 0 π¬ 0 π 0
Bluesky seems to work, unlike X/Twitter x)
18.11.2025 13:27 β π 1 π 0 π¬ 1 π 0
YouTube video by Base
Coinbase Security Series: Open Source MPC Key Management
Coinbase Security series: what is MPC and how to use it for Key Management: youtu.be/qdhM3syDkxM
#cryptography
12.11.2025 06:41 β π 0 π 0 π¬ 0 π 0
See also www.aikido.dev/blog/npm-deb... and www.securityalliance.org/news/2025-09...
09.09.2025 06:09 β π 1 π 0 π¬ 0 π 0
"The malware did more than just steal SSH keys, npm tokens, and .gitconfig files - it weaponized AI CLI tools (including Claude, Gemini) to aid in reconnaissance and data" www.stepsecurity.io/blog/supply-...
28.08.2025 18:00 β π 0 π 0 π¬ 0 π 0
YouTube video by [EthCC] Livestream 6
Stav Beno (starkware) - From Design to Benchmarking: BLAKE Hash AIR for the Stwo Prover
Algebraic intermediate Representation (AIR) for Blake Hash youtu.be/INtBA-9vJpU?... hackmd.io/@starkware-h...
13.07.2025 12:53 β π 0 π 0 π¬ 0 π 0
Taurus Blog - Conditional Transfers with CMTAT & Taurus-CAPITAL: A Step-by-Step Guide
Conditional Transfers with CMTAT & Taurus-CAPITAL: A Step-by-Step Guide
My last article about ERC-20 ConditionalTransfer is available on Taurus blog: www.taurushq.com/blog/tokeniz...
Based on CMTAT, an open-source project: github.com/CMTA/CMTAT
#solidity
29.06.2025 11:09 β π 2 π 0 π¬ 1 π 0
Ethereum NFT Standards: ERC-721, ERC-1155, ERC-6551, and More
Non-Fungible Tokens (NFTs) enable unique, verifiable ownership of digital and real-world items on the blockchain. While ERC-721 remains the main standard to represent NFTs on Ethereum and EVM blockcha...
NFTs are used to represent unique items on the blockchain. As you may know, the most known standard on Ethereum is ERC-721. Since its creation, several other standards (ERC-1155, ERC-2981, ERC-4907,...) have emerged to meet various use cases. More details here: rya-sge.github.io/access-denie...
02.04.2025 05:58 β π 3 π 0 π¬ 0 π 0
Taurus Blog - ERC-1400 for Tokenized Securities: Analysis and Deployment with Taurus-CAPITAL
ERC-1400 for Tokenized Securities: Analysis and Deployment with Taurus-CAPITAL
How to tokenize on Ethereum and EVM based blockchain? My last article on Taurus blog is a deep dive into ERC-1400, one of the oldest tokenization standards (2018). www.taurushq.com/blog/erc-140...
25.03.2025 11:15 β π 0 π 0 π¬ 0 π 0
A couple weeks ago we published our monthly release of ZK Mesh: the February 2025 Recap.
Wondering which articles/threads are the most popular amongst our #ZKMesh readers so far?
ZK Mesh Feb 2025 Top 5, here we go
𧡠π
open.substack.com/pub/zkmesh/p...
17.03.2025 11:56 β π 1 π 1 π¬ 1 π 0
Introduction - Halo Hero
damn this halo2 book is soooo goooood halo2.zksecurity.xyz/intro/
14.03.2025 15:53 β π 0 π 1 π¬ 0 π 0
Sepolia Pectra fork incident recap
Blog on semi-cool ethereum stuff
Sepolia Pectra fork incident recap:
"we quickly realized that, because the deposit contract is token gated, an ERC-20 transfer event was emitted whenever a deposit was processed.
mariusvanderwijden.github.io/blog/2025/03...
13.03.2025 08:58 β π 0 π 0 π¬ 0 π 0
Bybit hack deep dive by ncc group www.nccgroup.com/us/research-...
12.03.2025 07:53 β π 0 π 0 π¬ 0 π 0
An independent research lab exploring the future of tools for thought.
We envision a new computer that amplifies human intelligence. A system that helps you think more clearly, collaborate more effectively, and is available anywhere and anytime.
Digital Finance Expert π https://xvlv.io
Programmability, Financial Market Infrastructures, CBDC, Tokenization & RWA, Cross-Border Payments.
ποΈ UniversitΓ© PanthΓ©on-Sorbonne
Uncertified ethical hacker
Senior Lecturer of Cryptography at King's College London.
Professional Protocol Admirer.
Views are my own.
He/Him.
PhD Student at ETH Zurich, Cryptography and more
(Real world) Cryptographer.
chelseakomlo.com for more info.
Microsoft MVP | International Speaker |Β Software Engineer @ iDIP Solution
Engineering @nokia.bsky.social I share papers, projects and news about AI. Plus, I shitpost.
website: https://t.co/ml5yPJjZLO Natural Language Processing and Machine Learning researcher at the University of Cambridge. Member of the PaNLP group: https://www.panlp.org/ and fellow of Fitzwilliam College.
Interested in cognition and artificial intelligence. Research Scientist at Google DeepMind. Previously cognitive science at Stanford. Posts are mine.
lampinen.github.io
PhD student at Cambridge University. Causality & language models. Passionate musician, professional debugger.
pietrolesci.github.io
Research Intern at ETH ZΓΌrich
Doctoral student @ETH ZΓΌrich π¨π
Postdoc at ETH. Formerly, PhD student at the University of Cambridge :)
cypherpunk wannabe interested in permissionless protocols and a better social web https://stephancill.eth.limo
Blockchain|Crypto|DeFi|Web3 Analyst and Researcher and Overall Human
All the necessary news about blockchain and crypto market
