bug-bounty622
facebook479
xss316
google174
microsoft120
rce102
apple72
csrf60
web355
account-takeover53
writeup51
exploit43
sqli41
dos36
ssrf34
cve33
cloudflare32
privilege-escalation29
defi28
malware27
node26
smart-contract-vulnerability25
idor25
subdomain-takeover24
clickjacking23
smart-contract23
ethereum23
access-control21
react21
vulnerability-disclosure21
reverse-engineering20
auth-bypass19
aws19
remote-code-execution18
lfi18
cloud17
docker17
cors17
oauth17
supply-chain17
race-condition17
info-disclosure16
browser14
authentication-bypass14
solidity14
phishing14
denial-of-service11
sql-injection11
delegatecall11
wordpress10
0
bug-bounty
A security researcher disclosed critical vulnerabilities in Moonbeam and Aurora EVM-based networks, protecting over $100M in DeFi assets and earning $1M+ in bug bounties through the discovery of delegatecall misuse and design flaws in layer-2 solutions. The article also discusses potential insolvency risks in wrapped token protocols like WETH.
bug-bounty
smart-contract-vulnerability
delegatecall
evm
layer-2
defi-security
wrapped-tokens
solvent-attack
moonbeam
aurora-engine
near-protocol
ethereum
design-flaw
Polkadot
Frontier EVM
Moonbeam
Moonwell
Aurora
NEAR Protocol
WETH
Immunefi
pwning.eth
Ethereum
0
bug-bounty
A security researcher (pwning.eth) disclosed critical smart contract vulnerabilities in blockchain protocols, earning substantial bug bounties including $1M from Moonbeam for discovering a delegatecall design flaw protecting $100M+ in DeFi assets, and $6M for an Aurora Engine vulnerability that could have resulted in 70,000 ETH being stolen.
bug-bounty
smart-contract-vulnerability
defi
delegatecall
wrapped-tokens
layer-2
ethereum
near-protocol
moonbeam
aurora-engine
design-flaw
cryptocurrency
blockchain-security
Interlay
Moonbeam
Moonwell
Aurora Engine
NEAR Protocol
WETH
Immunefi
pwning.eth
Ethereum