A high-severity vulnerability was discovered in Across V3 cross-chain bridge that allows malicious relayers to steal the full value of certain transactions from users by exploiting the optimistic relay mechanism before UMA's Optimistic Oracle validation.
A security researcher earned $10,000 on Immunefi by discovering two related vulnerabilities in DFX Finance: unhandled fee-on-transfer (FoT) tokens that drain liquidity from USDC pairs, and risks from USDC being upgradable, which could introduce breaking changes to the protocol. The submission succeeded through a functional proof-of-concept, real-world impact examples, and actionable remediation recommendations.
A security researcher disclosed critical vulnerabilities in Moonbeam and Aurora EVM-based networks, protecting over $100M in DeFi assets and earning $1M+ in bug bounties through the discovery of delegatecall misuse and design flaws in layer-2 solutions. The article also discusses potential insolvency risks in wrapped token protocols like WETH.
A security researcher disclosed critical vulnerabilities in Moonbeam and Aurora Engine smart contracts, earning record bug bounties ($1M from Moonbeam, $6M from Aurora) by identifying delegatecall misuse and design flaws that put over $100M in DeFi assets at risk.