🚨 Ledger Donjon disclosed a critical flaw in Tangem’s Android app, where fake ...

2025-06-21 00:56:28

🚨 Ledger Donjon disclosed a critical flaw in Tangem’s Android app, where fake cards could pass as genuine by spoofing public keys and IDs.

The issue? Improper attestation checks. (Patched in v5.18.3).

NVK (nprofile…znla) covers the bug, the fix, and its security implications in BR097.

Author Public Key

npub1qdcakl75gd7wv0nqmmwrz09ddm5tzl7xj8lq2gclng2qzd8up5yqjpzclt

Seen on

wss://us.azzamo.net wss://nos.lol wss://relay.damus.io

Show more details

BitcoinReview on Nostr: 🚨 Ledger Donjon disclosed a critical flaw in Tangem’s Android app, where fake ...