Nostr Web Client

🚨 Ledger Donjon disclosed a critical flaw in Tangem’s Android app, where fake cards could pass as genuine by spoofing public keys and IDs.

The issue? Improper attestation checks. (Patched in v5.18.3).

nostr:nprofile1qqsw3znfr6vdnxrujezjrhlkqqjlvpcqx79ys7gcph9mkjjsy7zsgygpzfmhxue69uhk7enxvd5xz6tw9ec82cspz4mhxue69uhhyetvv9ujumt0wd68ytnsw43qqyznla covers the bug, the fix, and its security implications in BR097.