In a recent security breach, the Ethereum Foundation's mailing list was leaked due to a vulnerability in SendPulse, the email automation service used by the foundation, as reported by Ethereum core developer Tim Beiko. The attacker exploited this vulnerability to send phishing emails from updates@ethereum.org to subscribers. Beiko urged users not to click any links sent from that email and confirmed that access to the mailing list has been restricted.
Phishing attacks are becoming increasingly common in the crypto space. Last year, Ethereum co-founder Vitalik Buterin's X account was hacked, resulting in a loss of around $800,000. More recently, CoinStats, a cryptocurrency portfolio tracker, experienced a phishing attack affecting 1,590 cryptocurrency wallets, representing 1.3% of all its wallets.
In light of these incidents, it's crucial for users to remain vigilant and for organizations to strengthen their security measures. Despite these challenges, the potential of blockchain technology, including DeFi and BRC 20, remains promising.