Download the Report Here: https://www.numencyber.com/wp-content/uploads/2023/06/Suiet-Audit.pdf The post Suiet Wallet Extension Audit Report appeared first on Numen.| Numen
On 30 May 2023, EDE Finance was hacked for approximately $520k (437k $USDC & 86k $USDT). Here's a detailed analysis of the event.| Numen
Numen Cyber, a leading Singapore-based cybersecurity firm, announced a strategic partnership with BEIJING SINNET TECHNOLOGY CO., LTD. of Hong Kong. This collaboration focuses on enhancing the security of cloud server and cloud service business scenarios. Numen Cyber, dedicated to providing professional cybersecurity services and integrated security product solutions, boasts a robust technical team comprised of […]| Numen
Affected versions: ledgerhq/connect-kit 1.1.5, ledgerhq/connect-kit 1.1.6, ledgerhq/connect-kit 1.1.7. Event Analysis: The Numen security team discovered that malicious phishing code has been implanted in Ledger's ledgerhq/connect-kit module. A large number of dapps integrate this module; there are no clear statistics on the list of affected dapps, but the impact is extremely wide-ranging. https://github.com/LedgerHQ/connect-kit/commit/a4ba6946d8ab1906b040daf259c49dcd1dfdeeba?source=post_pag...| Numen
01 – Introduction: On November 2, 2023, POC2023 took place as scheduled in South Korea. I was fortunate to attend this conference where YYJB and I presented on the topic of “Modern Chrome Exploit Chain Development.” Given the title “Modern”, it would indeed be a bit awkward if we didn’t share something relatively new with […] The post Use Wasm to Bypass Latest Chrome v8sbx Again appeared first on Numen.| Numen
Preface: OctoPrint is an open source 3D printer controller application that provides a web interface for connected printers. It displays printer status and key parameters, and supports scheduling print jobs and controlling the printer remotely. Description: Numen Security Labs vulnerability researchers have discovered in OctoPrint versions less than or equal to 1.9.2 that print job […] The post OctoPrint Remote Code Execution Vulnerability (CVE-2023-41047) appeared first on Numen.| Numen
Preface: Apache ShenYu is a Java native API Gateway for service proxy, protocol conversion and API governance. Description: Numen Cyber Labs vulnerability researchers have discovered an SSRF vulnerability in Apache ShenYu versions before 2.6. CVE ID: CVE-2023-25753. Impacts: version < 2.6. Analysis: org.apache.shenyu.admin.controller.SandboxController#proxyGateway receives proxyGatewayDTO and calls the requestProxyGateway method. ProxyGatewayDTO has requestUrl, cookie, headers, httpMethod parameters. requestProxy...| Numen
0x00-Preface: On July 21, 2023, @5aelo published a new discussion document on v8 sandbox: Function Pointer Wrapping. Given that this bypass will be patched by Chrome’s pointer wrapping mitigation in the future, this article discusses how to leverage the native pointers of Function to bypass the latest v8 sandbox in Chrome. Regarding the origin and evolution of the […]| Numen
Learn the principles of selecting the right cryptocurrency wallet for secure asset management and transactions.| Numen
Delve into the intricacies of the $7.5 million hack on Jimbos Protocol, unravelling the details and implications of the breach.| Numen
Numen Cyber is pleased to announce its strategic partnership with MUFEX, a decentralized derivatives exchange (DEX).| Numen
Analyzing CVE-2023-29336 Win32k vulnerability, its exploitation, and mitigation measures in the context of evolving security practices.| Numen