
Denaria Finance Virtual AMM Manipulation

# Denaria Finance: Virtual AMM Manipulation via Unprotected `realizePnL` On April 5, 2026, Denaria Finance, a perpetual DEX on Linea, suffered a virtual AMM manipulation attack (block 30,067,821) that drained approximately **165,618 USDC** from the protocol’s Vault. The attacker flash-loaned 60,000 USDC from Aave V3, deployed pairs of ephemeral LP […]


A quick look at __pledge_open

A recent article of the OpenBSD journal caught my attention: Pledge changes in 7.9-beta (archive.org mirror as it’s currently offline). The quoted message starts with: > Previously under certain promises it was possible to open certain files or devices even if the program didn’t pledge “rpath” or “wpath”. This behavior […]


You’re Not Supposed To ShareFile With Everyone (Progress ShareFile Pre-Auth RCE Chain CVE-2026-2699 & CVE-2026-2701)

If you squint and look at the CISA KEV list, you might think it’s made up exclusively of vulnerabilities in file transfer solutions. While this would be wrong (and you shouldn’t squint, it’s bad […]


CHECK Removed, Context Confused, Checkmate Achieved

## TL;DR In January 2026, the Chrome Releases blog announced several security fixes across different Chrome components. One entry caught our attention: **CVE-2026-0899**, an Out-of-Bounds memory access in V8 discovered by @p1nky4745. Vulnerabilities in V8, especially OOB and Type Confusions, are always interesting from a security research perspective. We decided […]


Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets

At the beginning of 2026, Check Point Research observed a series of targeted attacks against government entities in Southeast Asia carried out via legitimate TrueConf software installed in the targets’ environment. The investigation led to the discovery of a zero-day vulnerability in the TrueConf client, tracked as **CVE-2026-3502** with a **CVSS score […]


WhaleBit CES/IGT Staking Oracle Manipulation

# WhaleBit CES / IGT Staking Spot-Oracle Manipulation On March 31, 2026 at 22:56:21 UTC (Polygon block `84938872`), an attacker exploited WhaleBit’s unverified staking system through a **same-transaction spot-oracle manipulation** funded by a flash loan. The attacker EOA `0xe66b37de57b65691b9f4ac48de2c2b7be53c5c6f` used helper contract `0xb5a8d7a37d60aa662f4dc9b3ef4c32a3fe21fadf` to borrow `51,024.905390945780848543 CES`, run three batches […]
