VERCEL GOT HACKED ShinyHunters – the group behind the Ticketmaster breach – is selling Vercel's internal database for $2M on BreachForums here's why every developer should care: - they have NPM tokens and GitHub tokens - Vercel owns Next.js – 6 million weekly downloads - one Show more

We've identified a security incident that involved unauthorized access to certain internal Vercel systems, impacting a limited subset of customers. Please see our security bulletin: vercel.com/kb/bulletin/ve…

its a pretty good hack ngl 😁 Rather, the attacker was able to gain access to the list of RPCs per DVN uses, compromise two of them – which were independent nodes running on separate clusters without direct connection to each other – and swap out binaries running the op-geth nodes. Because of our least-privilege principles, they were unable to compromise the actual DVN instances. However, they used this pivot point to execute an DVN-specific attack. Their malicious node used a custom payload designed explicitly to bypass the two DVNs with minimal warnings. The message was only shown to the DVN while the node explicitly told the truth to any other IP addresses that made RPC requests, including our Scan service that would index all the information about the attack to all our internal observability infrastructure. This was carefully designed to prevent any security monitoring from noting anomalies from what external RPCs were reporting. It was designed to self-destruct once the attack could no longer be performed, disabling the RPCs, deleting the malicious binaries and corresponding local logs and config.

layerzero attack was not rpc poisoning in networking poisoning is when the attacker outside the trust boundary taints a shared lookup (dns, arp, cache). the consumer has no reason to distrust the source. this was not that. the attackers got inside layerzero's trust boundary. Show more

Question? Grok has the answer. Try SuperGrok today for free.