frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Ask HN: Anyone Using a Mac Studio for Local AI/LLM?

43•UmYeahNo•1d ago•27 comments

Ask HN: Non AI-obsessed tech forums

17•nanocat•5h ago•11 comments

Ask HN: Ideas for small ways to make the world a better place

8•jlmcgraw•7h ago•16 comments

Ask HN: 10 months since the Llama-4 release: what happened to Meta AI?

42•Invictus0•23h ago•11 comments

AI Regex Scientist: A self-improving regex solver

5•PranoyP•9h ago•1 comments

Ask HN: Who wants to be hired? (February 2026)

139•whoishiring•4d ago•510 comments

Ask HN: Who is hiring? (February 2026)

312•whoishiring•4d ago•511 comments

Ask HN: Any International Job Boards for International Workers?

2•15charslong•4h ago•1 comments

Ask HN: Why LLM providers sell access instead of consulting services?

4•pera•15h ago•13 comments

Tell HN: Another round of Zendesk email spam

104•Philpax•2d ago•54 comments

Ask HN: Is Connecting via SSH Risky?

19•atrevbot•1d ago•37 comments

Ask HN: What is the most complicated Algorithm you came up with yourself?

3•meffmadd•17h ago•7 comments

Ask HN: Has your whole engineering team gone big into AI coding? How's it going?

17•jchung•1d ago•12 comments

Ask HN: How does ChatGPT decide which websites to recommend?

5•nworley•1d ago•11 comments

Ask HN: Is it just me or are most businesses insane?

7•justenough•1d ago•5 comments

Ask HN: Mem0 stores memories, but doesn't learn user patterns

9•fliellerjulian•2d ago•6 comments

Ask HN: Anyone Seeing YT ads related to chats on ChatGPT?

2•guhsnamih•1d ago•4 comments

Ask HN: Does global decoupling from the USA signal comeback of the desktop app?

5•wewewedxfgdf•1d ago•2 comments

Ask HN: Is there anyone here who still uses slide rules?

123•blenderob•3d ago•122 comments

Kernighan on Programming

170•chrisjj•4d ago•61 comments

We built a serverless GPU inference platform with predictable latency

5•QubridAI•1d ago•1 comments

Ask HN: How Did You Validate?

4•haute_cuisine•1d ago•4 comments

Ask HN: Cheap laptop for Linux without GUI (for writing)

15•locusofself•3d ago•16 comments

Ask HN: Have you been fired because of AI?

17•s-stude•3d ago•15 comments

Test management tools for automation heavy teams

2•Divyakurian•1d ago•2 comments

Ask HN: Does a good "read it later" app exist?

7•buchanae•3d ago•18 comments

Ask HN: OpenClaw users, what is your token spend?

14•8cvor6j844qw_d6•4d ago•6 comments

Ask HN: Anyone have a "sovereign" solution for phone calls?

11•kldg•3d ago•1 comments

Ask HN: Has anybody moved their local community off of Facebook groups?

23•madsohm•4d ago•17 comments

How do you deal with SEO nowadays?

5•jackota•1d ago•8 comments
Open in hackernews

I just got banned by Immunefi for reporting a real replay attack on LayerZero V2

5•tangou•6mo ago
I just got banned by Immunefi for reporting a real replay attack on LayerZero V2.

I discovered that lzReceive() allows infinite replays of valid cross-chain messages, due to the lack of guid tracking. This results in repeated token crediting — a critical flaw.

My PoC used real deployed contracts, no forged data. The vulnerability is 100% reproducible.

Instead of investigating, Immunefi rejected my report without a technical rebuttal — and banned me for "complexity poaching".

Full Story: https://medium.com/@tangouvitch/immunefi-banned-me-for-reporting-a-real-replay-attack-in-layerzero-v2-71d5ee0ff102

Do you think this is a valid bug? Was the ban justified? Should Immunefi be held accountable?

Curious to hear what the Ethereum community thinks.

Comments

lompad•6mo ago
Interesting, can this directly be used to make money? Maybe by the employee reading your report?

Edit: Maybe send a report to steve from grc, he loves those kinds of stories.

xxHkrPkrxx•6mo ago
Yeah I've spent a lot of time, writing PoC and they keep getting denied depending on the company, why even try to save their asses, and assets if they're going to treat us like this, starting to really get depressed.