CoinDesk Fixes CMS Exploit That Leaked Headlines Before Publication
The vulnerability appears to have allowed someone accessing an API to trade on nonpublic information ahead of the publication of at least one article.
Updated May 11, 2023 at 4:08 p.m. UTC
CoinDesk has fixed an issue that exposed the headlines of articles saved as drafts in the crypto news publication’s content management system (CMS).
The exploit, which was brought to CoinDesk’s attention by a white-hat hacker, may have allowed unidentified actors to profit from nonpublic information by making trades ahead of the publication of at least one article.
The issue is now fixed and added safeguards have been put in place.
We regret this unintended deviation from our commitment to level playing fields in crypto markets.
Michael J. Casey, chief content officer
Kevin Worth, CEO