The slides for a recent Black Hat talk on vulnerability in many nostr clients is up.
https://i.blackhat.com/BH-USA-25/Presentations/USA-25-Kimura-Not-Sealed-Practical-Attacks-on-Nostr.pdf
I haven't had a chance to read through it completely yet but seems like most, if not all, of what they lay out are known issues and things we've all been working to fix for a while now. 🤷♂️
