In this episode we talked about the largest crypto-related bug bounty payout ever. Compound accidentally sent millions in rewards due to a bug. StakeSteak left private keys on a Github repo resulting in compromise. A vulnerability was discovered in Rocketpool & Lido that would allow an ETH 2.0 node operator to perform front-running attacks against stakers. Indexed Finance, Pancake Hunny, and CreatureToadz all had security issues this week. We also discussed the potential for malicious NFTs and how they could be used to attack users on OpenSea.

Show Notes at: https://coinsecpodcast.com/Episode-45-6a8c7733f17b4cec8358ddeb92887a4f

00:00 - CoinSec Podcast Ep 45 – https://coinsecpodcast.com/Episode-45-6a8c7733f17b4cec8358ddeb92887a4f 01:23 - Story # 1: https://cointelegraph.com/news/crypto-market-cap-hits-new-all-time-high-as-btc-eth-soar 04:34 - Story # 2: https://decrypt.co/83997/polygon-dodges-850m-hack-pays-record-2m-bounty 11:38 - Story # 3: https://decrypt.co/82499/compound-exploit-drains-21m-from-lending-protocol 15:16 - Story # 4: https://stakesteak.medium.com/10-4-post-mortem-82edf38b0064 20:09 - Story # 5: https://medium.com/immunefi/rocketpool-lido-frontrunning-bug-fix-postmortem-e701f26d7971 24:30 - Story # 6: https://rekt.news/indexed-finance-rekt/ 41:57 - Story # 7: https://ownsnap.com/pancake-hunny-hunny-crashes-50-as-it-faces-token-leaks-in-pools/ 51:33 - Story # 8: https://thedrop.beehiiv.com/p/creature-toadz-hacked 55:58 - Story # 9: https://research.checkpoint.com/2021/check-point-research-prevents-theft-of-crypto-wallets-on-opensea-the-worlds-largest-nft-marketplace/