What happened. In short, @Ledger made a chain of terrible blunders. They are loading JS from a CDN.
14 Dec 2023, 13:08
What happened?
In short, @Ledger made a chain of terrible blunders.
1. They are loading JS from a CDN.
2. They are not version locking loaded JS.
3. They had their CDN compromised.
I would avoid using ANY dApps until their teams confirm that they have mitigated the attack.
Same news in other sources
3
14 Dec 2023, 13:25
Nexus Bond - Fusionist Airdrop Claim Period Description
Nexus Bond Airdrop has been released, with special instructions regarding the claim period
🖍The claiming period for Nexus Bond rewards is from :
- [EachPeriodStartingTimestamp, EachPeriodStartingTimestamp+48Hrs]
⬇️
- Within 48 hours after the start of each period
Claim time in first period
Dec 18th 7:00am(utc) - Dec 20th 7:00am(utc)
⚠️Tips:Please Claim The Reward Within This Period, Otherwise The Reward Will Be Invalid.
The first period
Dec 18th 7:00am(utc) - Dec 24th 23:59am(utc)
More Details
Nexus Bond - Fusionist Airdrop Claim Period Description.
Nexus Bond - Fusionist Airdrop Claim Period Description
Nexus Bond Airdrop has been released, with special instructions regarding the claim period
🖍The claiming period for Nexus Bond rewards is from :
- [EachPeriodStartingTimestamp, EachPeriodStartingTimestamp+48Hrs]
⬇️
- Within 48 hours after the start of each period
Claim time in first period
Dec 18th 7:00am(utc) - Dec 20th 7:00am(utc)
⚠️Tips:Please Claim The Reward Within This Period, Otherwise The Reward Will Be Invalid.
The first period
Dec 18th 7:00am(utc) - Dec 24th 23:59am(utc)
More Details
https://ace.fusionist.io/nexusbond
14 Dec 2023, 13:23
careful out there
careful out there.
careful out there https://x.com/bantg/status/1735279127752540465?s=20
14 Dec 2023, 13:10
🚨 Urgent Security Alert 🚨
We've identified a critical issue the ledger connector has been compromised, potentially allowing the injection of malicious code affecting various dApps.
🔴 If you have the Sushi page open and see an unexpected 'Connect Wallet' pop-up, DO NOT…
Urgent Security Alert.
🚨 Urgent Security Alert 🚨
We've identified a critical issue the ledger connector has been compromised, potentially allowing the injection of malicious code affecting various dApps.
🔴 If you have the Sushi page open and see an unexpected 'Connect Wallet' pop-up, DO NOT…