bug-bounty507
xss286
rce144
bragging-post119
account-takeover104
google101
exploit94
open-source93
csrf85
authentication-bypass80
facebook75
microsoft75
stored-xss74
cve73
privilege-escalation72
access-control67
ai-agents64
web-security63
reflected-xss63
writeup58
ssrf52
input-validation52
malware51
sql-injection49
smart-contract48
defi48
cross-site-scripting47
tool46
ethereum45
privacy44
information-disclosure44
api-security41
phishing40
web-application38
lfi37
apple37
llm37
opinion36
burp-suite36
automation35
cloudflare34
idor33
infrastructure33
web333
vulnerability-disclosure33
oauth33
smart-contract-vulnerability33
responsible-disclosure33
html-injection33
machine-learning32
0
5/10
bug-bounty
A researcher discovered a critical $150,000 Evmos vulnerability by simply reading Cosmos documentation—sending funds to the distribution module account (which should be blocklisted) triggered invariant violations that halted the entire blockchain and all dependent dApps.
cosmos-blockchain
evmos
module-accounts
invariant-breaking
fund-transfer
denial-of-service
blockchain-halting
bug-bounty
web3-security
golang
bragging-post
Evmos
Cosmos
Immunefi
jayjonah.eth
x/bank module
distribution module