Tag Archives: vulnerability

Hyperliquid Faces a Staggering $4.9 Million Setback

Posted on by
Reply

On Wednesday, Hyperliquid faced an unexpected financial hit amounting to $4.9 million due to extreme fluctuations in the price of POPCAT.

Blockchain analytics platform Lookonchain revealed that these fluctuations involved intentional price manipulation. This incident exposes the vulnerability of liquidity in decentralized derivative markets.

Continue Reading: Hyperliquid Faces a Staggering $4.9 Million Setback.
https://bitcoinethereumnews.com/tech/hyperliquid-faces-a-staggering-4-9-million-setback/

iOS 18.7.2 and iPadOS 18.7.2 Are Out With Security Fixes

Posted on by
Reply

Apple has released iOS 18.7.2 and iPadOS 18.7.2, bringing important security fixes for users who have not yet installed the previous updates for these operating systems.

These new updates address multiple security vulnerabilities, including issues within the App Store, Find My app, and Apple Intelligence that could potentially allow apps to fingerprint users without their consent. Additionally, Apple has resolved several Safari and WebKit-related flaws where processing maliciously crafted web content might cause unexpected process crashes.

Another critical vulnerability has been patched, which previously allowed web apps to monitor keystrokes without user permission — a significant privacy concern.

For a complete list of security improvements included in these updates, you can visit Apple’s official support page. Installing these updates as soon as possible is highly recommended to ensure that your iPhones and iPads remain protected against potential threats.

In related news, on November 3, Apple also released macOS Sequoia 15.7.2 and macOS Sonoma 14.8.2, which contain various security fixes aimed at enhancing the protection of Mac devices.
https://www.thurrott.com/apple/329304/ios-18-7-2-and-ipados-18-7-2-are-out-with-security-fixes

Musk unveils X Chat, a messenger with encryption ‘similar to Bitcoin’

Posted on by
Reply

Tech entrepreneur and billionaire Elon Musk is set to launch a standalone messaging app called **“X Chat”** to compete with popular platforms like Telegram and WhatsApp. The rollout is expected within the next few months.

During an appearance on *The Joe Rogan Experience* podcast, which aired on Friday, Musk revealed, “On X, we just rebuilt the entire messaging stack into what’s called ‘X Chat.’ It’s using a peer-to-peer-based encryption system, kind of similar to Bitcoin. It’s very good encryption; we’re testing it thoroughly.”

Musk hopes the new messaging app will be released in a “few months.” He emphasized that X Chat won’t have any “hooks for advertising,” unlike competitors such as WhatsApp. “WhatsApp knows enough about what you’re texting to know what ads to show you,” he explained. “But then, that’s a massive security vulnerability because if it knows enough information to show you ads, that’s a lot of information.” Musk added that these same “hooks” could potentially be exploited by hackers to read private messages.

### Does WhatsApp Read Your Messages?

WhatsApp’s parent company, Meta, claims it does **not** have access to private messages. According to their FAQ, messages between users are end-to-end encrypted using the Signal Protocol. This encryption extends to voice messages, media, and documents.

However, certain “metadata” — such as who you chat with and how frequently — is not encrypted. Additionally, WhatsApp does **not** automatically encrypt backup copies of chat history.

When asked, “Does WhatsApp collect or sell your data?”, WhatsApp’s FAQ provides a careful response:
“We work with other Meta Companies to help provide, improve, and support each other’s services. If you choose to integrate your WhatsApp experience with other Meta products, we will share some information with Meta to make this possible.”

### X Chat Promises Enhanced Privacy Without Advertising Hooks

Elon Musk assures that X Chat will not include these advertising “hooks.” “I’m not saying it’s perfect, but our goal with X Chat is to replace what used to be the Twitter DM stack with a fully encrypted system where you can text, send files, do audio and video calls,” he said. “I think it will be the least insecure of any messaging system.”

X Chat will be available both as part of the X platform and as its own standalone app, offering users a privacy-focused alternative in the crowded messaging app market.
https://cointelegraph.com/news/elon-musk-launch-whatsapp-competitor-with-p2p-encryption-similar-bitcoin?utm_source=rss_feed&utm_medium=feed&utm_campaign=rss_partner_inbound

120,000 Bitcoin (BTC) Wallets at Risk With This Vulnerability

Posted on by
Reply

**Known Bug in Libbitcoin Explorer (bx) 3.x Puts Over 120,000 Bitcoin Wallets at Risk**

A critical vulnerability discovered in the Libbitcoin Explorer (bx) 3.x library has exposed more than 120,000 Bitcoin (BTC) wallets worldwide to potential hacking attempts. The issue stems from a weak random number generation method, making it significantly easier for attackers to guess seed phrases and compromise wallet security.

### Thousands of Bitcoin Wallets Vulnerable to Brute Force Attacks

First identified in November 2023, this vulnerability continues to leave non-custodial Bitcoin wallets susceptible to brute force attacks. On October 17, 2025, the OneKey wallet team shared an overview of the potential attack vector involving the vulnerable library.

The Libbitcoin Explorer (bx) library—a software development toolkit used to build Bitcoin wallets in C++—uses the Mersenne Twister-32 algorithm for random number generation. However, this algorithm was seeded solely with the system time, limiting the seed space to just 2³² possible values. This restricted seed space considerably weakens wallet security, making it easier for attackers to enumerate potential seeds.

As a result, wallets generated with certain versions of Trust Wallet and directly through Libbitcoin Explorer (bx) 3.x can be recovered by malicious actors.

### How Does the Hack Work?

Because the seed space is so small, a high-performance personal computer can exhaustively enumerate all possible seeds within days. This capability allows attackers to predict private keys generated at specific times, enabling them to steal assets on a massive scale.

Despite this weakness in the random number generator (RNG) being publicly known for over two years, many Bitcoin users relying on affected wallets still face significant risks.

### Three Steps to Protect Your Funds

To safeguard your Bitcoin holdings, users with non-custodial wallets created using vulnerable tools between 2017 and 2023 should take the following precautionary measures:

1. **Move Funds to Secure Wallets**
Transfer your assets to wallets protected by Cryptographically Secure Pseudo-Random Number Generators (CSPRNG) to ensure stronger randomness and security.

2. **Generate New Seed Phrases Using BIP 39 Standards**
Creating new seed phrases based on the BIP 39 specification can add an essential security layer to your Bitcoin wallet.

3. **Audit All Paper and Hardware Wallets**
Review any physical wallets that may be affected by the vulnerability, known in the community as the “Milk Sad Case,” and replace them if necessary.

For software wallet users, always keep your wallet applications and operating systems updated to the latest versions to minimize the risk of exploits.

By following these steps, Bitcoin users can reduce the risk of falling victim to brute force attacks targeting wallets generated with the flawed Libbitcoin Explorer (bx) 3.x library. Staying informed and proactive is essential in protecting your digital assets.
https://u.today/120000-bitcoin-btc-wallets-at-risk-with-this-vulnerability