# LML / APower Reward-Claim Price Manipulation On March 31, 2026 at 20:39:02 UTC, the attacker used flash-loaned capital on BNB Chain to manipulate the LML/USDT market, then batch-triggered reward claims for pre-seeded accounts through APower and immediately sold the resulting LML back into the distorted pool. The primary issue […]

# InfinitySix Stale TWAP Price Exploitation (BSC) Two compounding flaws in InfinitySix’s ( `$i6`) BSC staking contract were chained to extract **273,802 USDT** in block 89,703,286. The contract credits referral bonuses to a sponsor’s withdrawable balance immediately upon the referral’s `invest()` call; separately, its TWAP oracle enforces a 1-minute hard […]

AI assistants now handle some of the most sensitive data people own. Users discuss symptoms and medical history. They ask questions about taxes, debts, and personal finances, upload PDFs, contracts, lab results, and identity-rich documents that contain names, addresses, account details, and private records. That trust depends on a simple […]

# Please, We Beg, Just One Weekend Free Of Appliances (Citrix NetScaler CVE-2026-3055 Memory Overread Part 2) Today, we woke up with a nagging feeling: what if Citrix had, in fact, patched multiple Memory Overread vulnerabilities as part of CVE-2026-3055? While we’ve been using our analysis from Part 1 (please […]

**AI-assisted malware development has reached operational maturity.** VoidLink framework, which is modular, professionally engineered, and fully functional, was built by a single developer using a commercial AI-powered IDE within a compressed timeframe. AI-assisted development is no longer experimental but produces deploymentready output. **AI-assisted development is not always obvious from the […]

# The Sequels Are Never As Good, But We’re Still In Pain (Citrix NetScaler CVE-2026-3055 Memory Overread) Sequels? Pain? We’re obviously talking about Citrix NetScalers, yet again. Welcome back to another watchTowr Labs blog post – pull up a chair, we always welcome new members to our group therapy sessions. […]

# A Technical Deep Dive into CVE-2024-23380: Exploiting GPU Memory Corruption to Android Root # Table of Contents In our last blog, we talked about Binder exploit and fuzzing, and how they can be used to achieve Local Privilege Escalation (LPE) from a zero-permission application to root. In this blog, […]

# VTSwapHook Pricing Error — Midpoint Approximation and Fee Accounting Exploit On 2026-03-28, the VTSwapHook contract ( `0xbf4b4a83708474528a93c123f817e7f2a0637a88`) deployed on Arbitrum was exploited through a **logic error** in its custom pricing formula. The hook implements a nonlinear (logarithm-based) price curve but approximates execution price using a simple midpoint average — […]

# EST BNBDeposit Claim Abuse and Pair Reserve Manipulation On 2026-03-27, the EST / BNBDeposit system on BNB Smart Chain was exploited through a **flash-loan-assisted reward-accounting flaw** in `BNBDeposit`, amplified by **fee-exempt routing and pair-state manipulation** in EST. The attacker borrowed `250,000 WBNB`, built a temporary claim-bearing share in `BNBDeposit` […]

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a vulnerability in HikVision, as well as 10 in TP-Link, and 19 in Canva. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy. For Snort coverage that […]