Friday , June 26 2026
OWASP

OWASP Reveils Top 10 Smart Contract Vulnerabilities for 2025

infosecbulletin Tuesday , January 21 2025 Hot Topic

OWASP has released its updated list of the top 10 vulnerabilities in smart contracts for 2025. This guide highlights the most critical vulnerabilities and provides developers and security professionals with a roadmap to reduce risks in decentralized systems.

  OWASP 2023 – 2025

The OWASP Smart Contract Top 10 lists the most common vulnerabilities in the Web3 space, including:

Hackers Target Cloudflare-Hosted AWS Domains to Steal Console Logins

By infosecbulletin / Friday , June 26 2026
A complex phishing attack targets AWS console users by misusing Cloudflare-hosted websites to steal login details. Each domain had a nearly...
Read More
Hackers Target Cloudflare-Hosted AWS Domains to Steal Console Logins

Daily Cyber security update for 26. 06. 2026

By infosecbulletin / Friday , June 26 2026
Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 26. 06. 2026

WhatsApp to Alert Users Before Chatting With New Numbers

By infosecbulletin / Thursday , June 25 2026
WhatsApp is rolling a new security warning on Android and iOS. It shows up before users open a chat with...
Read More
WhatsApp to Alert Users Before Chatting With New Numbers

OpenAI unveils its first custom chip, Named Jalapeño

By infosecbulletin / Wednesday , June 24 2026
On Wednesday, OpenAI introduced its first special AI chip. This is aimed at growing from just consumer products to being...
Read More
OpenAI unveils its first custom chip, Named Jalapeño

Bajaj Auto System Hit by a Ransomware Attack

By infosecbulletin / Wednesday , June 24 2026
Bajaj Auto said on Tuesday that a ransomware attack impacted its systems and its subsidiary, Bajaj Auto Technology Ltd (BATL)....
Read More
Bajaj Auto System Hit by a Ransomware Attack

Cisco Unified CM flaw CVE-2026-20230 exploited in attacks

By infosecbulletin / Wednesday , June 24 2026
A serious SSRF flaw, called CVE-2026-20230, in Cisco Unified Communications Manager Server is now being used in attacks. Cisco put out...
Read More
Cisco Unified CM flaw CVE-2026-20230 exploited in attacks

LastPass says hackers stole customer data via Klue, supply chain breach

By infosecbulletin / Tuesday , June 23 2026
LastPass has reported a security issue with its vendor, Klue. This incident allowed an attacker unauthorized access to customer data....
Read More
LastPass says hackers stole customer data via Klue, supply chain breach

New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide

By infosecbulletin / Tuesday , June 23 2026
Researchers at cybersecurity firm Paradigm Shift found a new flaw called usbliter8. This flaw can get around main boot protections...
Read More
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide

India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record

By infosecbulletin / Tuesday , June 23 2026
A cyber attack seems to have affected one of India's top electronics companies. Tata Electronics has said there was a...
Read More
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record

Anthropic’s Mythos reportedly broke NSA classified systems in hours

By infosecbulletin / Monday , June 22 2026
The recent finding shows how powerful Mythos is: the AI can access the US government's secret networks in just a...
Read More
Anthropic’s Mythos reportedly broke NSA classified systems in hours

Access Control Vulnerabilities (SC01:2025): Access control flaws can let unauthorized users modify a contract’s data or functions, resulting in major security breaches. In 2024, these issues caused losses of $953.2 million, as reported by SolidityScan’s Web3HackHub.

Price Oracle Manipulation (SC02:2025): Attackers exploit weak data feeds to manipulate external data sources, destabilizing protocols and creating financial chaos.

Logic Errors (SC03:2025): Mistakes in business logic remain a costly issue, leading to improper token minting, flawed lending logic, or incorrect reward distributions.

Reentrancy Attacks (SC05:2025): These attacks exploit a contract’s weak functions to drain funds or disrupt logic, leading to $35.7 million in losses in 2024.

Flash Loan Attacks (SC07:2025): These attacks exploit uncollateralized loans, disrupting liquidity and token prices. Key vulnerabilities include Integer Overflow and Underflow, Insecure Randomness, and Denial of Service Attacks.

Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS

Check Also

FortiBleed

FortiBleed: 70,000 Fortinet Firewalls Compromised Globally

A vast cyber spying operation called “FortiBleed” has quietly compromised more than 73,932 different Fortinet …

Mail: [email protected]
© Copyright 2026, All Rights Reserved InfoSecBulletin