BlockBeats News, March 3 — Lido officially announced that there is a potential vulnerability in the ZKsync wstETH bridge contract. Currently, there is no evidence that the vulnerability has been exploited, and wstETH holders on ZKsync are unaffected. Other bridging contracts are also unaffected. As a precaution, Lido has paused deposits to the ZKsync bridge contract. Withdrawals from zkSync and token transfers are unaffected.
Lido has prepared a fix, which will be audited and deployed during the next scheduled on-chain Lido governance comprehensive vote (late March/early April). After that, deposit functions will be restored. Further updates will be issued based on the situation.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
CZ发声警告“代上币”骗局:冒充关系渠道几乎全部为诈骗
赵长鹏(CZ)在X平台提醒,加密行业中的“代上币”服务多为骗局,声称能以关系帮助项目上线的中介应被视为高风险。上币流程需经过严格审核,非个人关系可影响。CZ呼吁项目方通过官方渠道提升合规能力,降低诈骗风险。
GateNews2m ago
金色午报 | 3月25日午间重要动态一览
特朗普称万斯参与与伊朗的和平谈判;LiteLLM漏洞导致约300GB数据被盗;GameStop质押比特币后净亏损1.316亿美元;Tether暂停200亿美元融资计划;贝莱德预计未来五年加密业务将带来5亿美元收入。
金色财经_13m ago
一句pip install偷光所有密钥:Karpathy称LiteLLM投毒为「软件界最恐怖的事」
OpenAI 成员 Karpathy 指出,LiteLLM 开发工具遭遇供应链攻击,导致用户 SSH 密钥等敏感信息遭窃。中毒版本已从 PyPI 下架,恶意代码可通过简单安装引发大规模泄露,攻击暴露后仅存活约1小时。开发方已采取措施防止重犯。
BlockBeatNews28m ago
Backpack Clarifies: Polymarket User Attempting to Manipulate Coin Price Is Not a Backpack Team Insider
Backpack officially stated that a certain trader holds large open positions on Polymarket, believing that the BP token's FDV will exceed $200 million one day after TGE, and attempted to push the price above $0.2. After investigation, these traders are unrelated to Backpack, and the company maintains zero tolerance for insider trading.
BlockBeatNews1h ago
SlowMist: LiteLLM Vulnerability Attackers Have Stolen Approximately 300GB of Data
On March 25, Slowmist Chief Information Security Officer 23pds revealed that attackers exploited the LiteLLM vulnerability to steal approximately 300GB of data and 500,000 credentials. He advised cryptocurrency developers to immediately check and rotate relevant keys to prevent losses. LiteLLM had previously suffered supply chain attacks with severe impact.
金色财经_1h ago
Slowmist CISO: DarkSword Attack Tool Leaked, iOS Users Advised to Update System Immediately
Gate News Alert: On March 25, 23pds, Chief Information Security Officer at SlowMist Technology, posted a reminder on social media on the 23rd warning that the DarkSword attack tool has been leaked, and all iOS users should update their systems immediately. According to the report, the core capability of this attack tool is to extract forensic-level data from iOS devices through HTTP interfaces. In actual attacks, threat actors can combine social engineering or watering hole attacks to trick users into infection, thereby stealing data from iPhones and iPads and uploading it to servers controlled by the attackers.
GateNews2h ago
