Posts
CoinStats users beware - coins sent to your watch-only wallet are not where you think they are
Remote multisig theft attack on the Coldcard hardware wallet
Coldcard isolation bypass
How nearly all personal hardware wallet multisig setups are insecure
A pitfall of Rust's move/copy/drop semantics and zeroing data
A ransom attack on Trezor's and KeepKey's passphrase handling
Embedding structs and interfaces break modularity and semantic versioning in Go
A theft attack on Trezor Model T
subscribe via RSS