Cosmos
ATOMThe Internet of Blockchains
News Heat Trend
Project Overview
Cosmos is a rapidly expanding ecosystem of independent, interconnected blockchains built using developer-friendly application components and connected via the groundbreaking IBC (Inter-Blockchain Communication) protocol. With Cosmos, developers can choose to construct entirely autonomous, application-specific blockchains that can easily interconnect.
Event-related news
AI-Driven Vulnerability Bounty Reports Surge, Leaving Crypto Protocol Teams Overwhelmed by “AI Spam”
According to Cointelegraph, the widespread adoption of AI is driving up the number of submissions to cryptocurrency industry bug bounty programs—but a flood of low-quality “AI spam” reports has also emerged, placing a heavy burden on protocol teams for triaging. Barry Plunkett, Co-CEO of Cosmos Labs, stated that submission volume to its platform surged 900% year-on-year, with 20–50 reports received daily; Kadan Stadelmann, CTO of Komodo Platform, likewise noted a marked rise in low-quality and false-positive reports, attributing the root cause primarily to AI’s drastic reduction in the cost of generating reports. Daniel Stenberg, creator of the open-source tool curl, has already shut down his bug bounty program outright due to being overwhelmed. In response, industry insiders recommend that teams deploy defensive AI systems to automatically triage reports and adopt stricter submission criteria—reducing the volume of invalid reports and ensuring genuine vulnerabilities receive timely attention.
Security researchers disclose a CometBFT zero-day vulnerability that will not directly result in asset theft.
Security researcher Doyeon Park announced on X that he discovered and disclosed a high-severity CVSS 7.1 zero-day vulnerability in the Cosmos consensus layer (CometBFT). This vulnerability could cause network nodes to stall during block synchronization, thereby affecting system operation—but it cannot directly lead to asset theft. Doyeon Park stated that he made every effort to follow the Coordinated Vulnerability Disclosure (CVD) process; however, due to the project team’s lack of cooperation and “irresponsible decisions,” he ultimately chose to publicly disclose the vulnerability details, adding that any resulting security risks would be borne by the relevant project teams.
Related news
AI-Driven Vulnerability Bounty Reports Surge, Leaving Crypto Protocol Teams Overwhelmed by “AI Spam”
According to Cointelegraph, the widespread adoption of AI is driving up the number of submissions to cryptocurrency industry bug bounty programs—but a flood of low-quality “AI spam” reports has also emerged, placing a heavy burden on protocol teams for triaging. Barry Plunkett, Co-CEO of Cosmos Labs, stated that submission volume to its platform surged 900% year-on-year, with 20–50 reports received daily; Kadan Stadelmann, CTO of Komodo Platform, likewise noted a marked rise in low-quality and false-positive reports, attributing the root cause primarily to AI’s drastic reduction in the cost of generating reports. Daniel Stenberg, creator of the open-source tool curl, has already shut down his bug bounty program outright due to being overwhelmed. In response, industry insiders recommend that teams deploy defensive AI systems to automatically triage reports and adopt stricter submission criteria—reducing the volume of invalid reports and ensuring genuine vulnerabilities receive timely attention.
Security researchers disclose a CometBFT zero-day vulnerability that will not directly result in asset theft.
Security researcher Doyeon Park announced on X that he discovered and disclosed a high-severity CVSS 7.1 zero-day vulnerability in the Cosmos consensus layer (CometBFT). This vulnerability could cause network nodes to stall during block synchronization, thereby affecting system operation—but it cannot directly lead to asset theft. Doyeon Park stated that he made every effort to follow the Coordinated Vulnerability Disclosure (CVD) process; however, due to the project team’s lack of cooperation and “irresponsible decisions,” he ultimately chose to publicly disclose the vulnerability details, adding that any resulting security risks would be borne by the relevant project teams.
Cosmos Hub’s proposal to integrate Osmosis failed to pass governance, and Osmosis will continue operating independently.
According to official announcements, the Cosmos Hub’s proposal to integrate Osmosis narrowly failed to pass governance. Osmosis stated that although the outcome is not the option it believes best for Cosmos, it thanks the community, validators, and all parties who participated in the discussion. Osmosis emphasized that it will continue operating as an independent, revenue-generating blockchain. Over the coming weeks, the team will advance Osmosis’s next-phase roadmap, prioritizing user security and business continuity; further details regarding the protocol and team plans will be announced shortly.