Security report / 1st May 2024

Our dev team has fixed a vulnerability in the back end of CYBRO's website. The vulnerability allowed attackers to earn points without making a real purchase of CYBRO tokens by making an API call on the back end.

Only one attacker managed to exploit this vulnerability, his points were erased from the database. The attacker stole no tokens. The smart contract was not exploited.

Last updated