CoinDesk Fixes CMS Exploit That Leaked Headlines Before Publication
The vulnerability appears to have allowed someone accessing an API to trade on nonpublic information ahead of the publication of at least one article.
CoinDesk has fixed an issue that exposed the headlines of articles saved as drafts in the crypto news publication’s content management system (CMS).
The exploit, which was brought to CoinDesk’s attention by a white-hat hacker, may have allowed unidentified actors to profit from nonpublic information by making trades ahead of the publication of at least one article.
The issue is now fixed and added safeguards have been put in place.
We regret this unintended deviation from our commitment to level playing fields in crypto markets.
Michael J. Casey, chief content officer
Kevin Worth, CEO
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.