The EOS community said that this was only FUD and that all the vulnerabilities were fixed. But there is another group saying that the EOS development team is not that confident on the platform's security.
Also, there are rumors that there might be a delay on the release of the mainnet.
After EOS dumped all their ETH, and the release of this critical vulnerability, I reckon the most skeptical of you might be thinking of 2 words.
Exit Scam.
Security researchers have discovered a series of new vulnerabilities in EOS blockchain platform, one of which could allow remote hackers to take complete control over the node servers running the critical blockchain-based applications.
Discovered by Chinese security researchers at Qihoo 360—Yuki Chen of Vulcan team and Zhiniang Peng of Core security team—the vulnerability is a buffer out-of-bounds write issue which resides in the function used by nodes server to parse contracts.
To achieve remote code execution on a targeted node, all an attacker needs to do is upload a maliciously crafted WASM file (a smart contract) written in WebAssembly to the server.
As soon as the vulnerable process parser reads the WASM file, the malicious payload gets executed on the node, which could then also be used to take control over the supernode in EOS network—servers that collect transaction information and pack it into blocks.Read the full article https://thehackernews.com/2018/05/eos-blockchain-smart-contract.html?m=1
