We're opening the waitlist for our Monetization Gateway, which will allow you to charge for any web page, dataset, API, or MCP tool behind Cloudflare. The charges will settle in stablecoins over the x402 open protocol. https://t.co/pvICtEIixj
@ChainLinkGod I don't know if this was clarified anywhere.
1. How exactly did they get hacked? Was it an exploit the hacker discovered or was it a problem with the configs?
2. Did they patch it ?
Why is nobody talking about this?
I might have to take back everything I said criticizing Ethereum rainbows and unicorns. Sometimes rainbows and unicorns are exactly what a community needs.
Very surprised this all came together through donations. Big learning moment for me.
@Zai_org I was trying out the New ZCode. Where do I place my Global Context files? (AGENTS.md or CLAUDE.md )
When I use Claude CLI or OpenCode CLI its using the Global Context files. Unsure where to configure this for ZCode Agent.
🚨🚨
We are currently experiencing an issue with the CoW Swap frontend (https://t.co/GPQ8bBzftU). While we are investigating, please DO NOT use CoW Swap.
🥈 2nd prize: Bumpwallet by @GeorgeMathew_ & @liz_mgeorge
Bump makes onchain payments feel like contactless payments. Instead of copying addresses or scanning QR codes, users simply tap phones using NFC to send crypto instantly.
3/ Bumpwallet by Bumpay
Bump makes onchain payments feel like contactless payments. Instead of copying addresses or scanning QR codes, users simply tap phones using NFC to send crypto instantly.
@liz_mgeorge@GeorgeMathew_
Project link: https://t.co/Rc9iRFy4S3
🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages.
The latest [email protected] now pulls in [email protected], a package that did not exist before today. This is a live compromise.
This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.
@Marvreum@ensdomains Really interesting edge case. I haven’t dug into 7702 scenarios much yet, but I’d expect bundles to still help by tightening execution around the recovery flow. The ability to re-attach a delegate and keep draining sounds like a pretty nasty complication.
I thought my @ensdomains was gone with an old compromised wallet.
Luckily I got a Flashbots bundle working, that moved the ens name and updated ownership in one shot and the sweeper bots stayed away.
Script:
https://t.co/CDs8niiMMw