Buy Crypto- Markets
Futures- Spot
- Copy Trade
- Earn
- More
The prompt injection vulnerability in Coinbase AgentKit has been addressed, but the actual impact has been significantly underestimated
According to CriptoNoticias, an independent security researcher disclosed a prompt injection vulnerability in Coinbase AgentKit, allowing attackers to induce the AI agent to execute unauthorized token transfers through malicious commands, without the need for human confirmation.
The vulnerability has been validated through actual transactions on the Base Sepolia test network. Additionally, the researcher pointed out that the vulnerability also exposes the infinite approval process for ERC-20 tokens, as well as access to remote servers within the same execution context of the agent, extending the risk beyond just wallet depletion; however, the report did not detail which specific infrastructures might be affected.
The vulnerability was submitted to the Coinbase bug bounty program in February and was officially validated, ultimately classified as medium severity and a bounty of $2,000 was paid. However, the researcher emphasized that the actual impact of the vulnerability is far greater than the official rating.
You may also like
70x in a Month: When $RAVE Put Istanbul’s Dancefloor on the Chain
A Web3 project with zero VCs and no whitepaper started with a midnight party for 200 people. Eighteen months later, its token $RAVE is up 70x, and its contract liquidations briefly eclipsed Ethereum’s. Is this just pure speculation, or are we looking at a new breed of cultural asset?
Bearish Traders Continue to Short Bitcoin | Rewire News Morning Update
Is Nasdaq About to Reach a New High, Is the Bull Market Back?
Goldman Sachs Applies for Bitcoin ETF, Wall Street's Final Bastion Falls
Only Working 2 Hours a Day? This Google Engineer Got His Job Done Using Claude for 80% of It
Interpreting Stanford's 423-page AI Report: US-China Gap Narrows to 2.7%, Tsinghua's DeepSeek Enters Global Top Ten
YouTube will become the next new type of bank
How to Reshape On-Chain Transaction Logic? Exploring the Rise of Stablecoin Execution Layers
Why AI Memecoins are Failing the Reality Test
From 90,000% gains to a 98% crash—discover why the AI Meme bubble is bursting and what the shift to "AI Utility" means for your portfolio.
Morning News | Kraken receives $200 million investment from Deutsche Börse; Goldman Sachs submits application for Bitcoin Premium Income ETF; Walsh discloses his cryptocurrency holdings
Hong Kong licensing, stablecoin landscape changes: Who is reshaping the next generation of the financial landscape?
IOSG: TAO is like the Elon Musk who invested in OpenAI, Subnet is like Sam Altman
Stablecoin License Battle Concludes: Anxiety-Ridden Hong Kong, Will Not Wait for the Next Tether
You can grasp a new field in half an hour, how to quickly establish a cognitive framework using AI?
Franklin Templeton's latest research: How to understand RWA tokenization
Espanyol vs FC Barcelona: A Derby Fought with Fire and Quality
The Espanyol vs FC Barcelona derby delivered high-intensity football as Barca won 4-1, moving nine points clear at the top of LALIGA. Lamine Yamal's masterclass, Ferran Torres' brace, and a passionate city rivalry on full display. WEEX, Official Regional Partner of LALIGA in Hong Kong and Taiwan celebrates the beautiful game.
DeAgentAI announced the establishment of the AIA Ecological Fund, focusing on the "AI Agent + Physical AI" track
Why is Crypto Up? Altcoins Lead Due to US Grand Deal
Key Takeaways: The “US Grand Deal” has beefed up crypto’s appeal, impacting assets like Ethereum and Solana. Altcoins,…
70x in a Month: When $RAVE Put Istanbul’s Dancefloor on the Chain
A Web3 project with zero VCs and no whitepaper started with a midnight party for 200 people. Eighteen months later, its token $RAVE is up 70x, and its contract liquidations briefly eclipsed Ethereum’s. Is this just pure speculation, or are we looking at a new breed of cultural asset?
App