Another quiet week with just a couple of news on critical vulnerabilities in Trezor hardware wallets and Monero. If you are planning to go to Defcon this year, stop by the Blockchain Village for plenty of talks on the blockchain security topics.

Bugs:

• Unfixable Seed Extraction on Trezor - A practical and reliable attack - a critical and unpatchable flaw was found in the Trezor family of hardware wallets which allows a technically sophisticated attacker to extract the master seed. The attack requires physical access to the device. The vulnerability is partially mitigated if a separate strong passphrase is set on top of the master seed to generate HD wallet keys. Trezor wallet team has stated that they were aware of the risk since the design phase.

• Monero security flaw could’ve seen XMR stolen from cryptocurrency exchanges - nine security vulnerabilities were disclosed as part of Monero’s bug bounty program including multiple DoS vulnerabilities and a critical flaw that could trick monero-…