No JavaScript? That's cool too! Check out the Web 1.0 version of this site.

A black-and-white promo card for the project, with text that reads 'White label; 120+ unique portraits; first NFT offering!; limited edition; collect them all!; $99 each (initial price)' The image features three NFTs, of Kelsey Hightower, Yan Zhu, and Bill Joy."Faces of Open Source" promotional image (attribution)
Some prominent open source advocates and contributors were surprised to find that their likenesses were turned into NFTs by an artist who photographed them in 2018. Kris Nóva tweeted, "What would you do if you woke up and found out somebody made an NFT of you? Because that just happened to me and a lot of other open source contributors and thought leaders." She later wrote that the photographer "ended up reaching out, his heart is totally in the right place." However, it still seems pretty gross to me that the NFT creator didn't check with the subjects before using their likenesses in the NFT project, and that he prominently featured Kelsey Hightower, an outspoken critic of web3 who I suspect would not approve of his image being used in such a way, in the branding for the project.
Theme tags: Bad idea, Shady business
Blockchain tags: Blockchain: Ethereum
Tech tags: NFT

A digital rendering of a Bob Ross Funko Pop, sitting in a paint canBob Ross NFT (attribution)
Because apparently the vinyl figurines known as Funko Pops aren't a sufficiently useless collectible, Funko decided to get in on the NFT craze by releasing a Bob Ross "Digital Pop". Ross made major changes to his will just before his death to try to prevent people from merchandising his legacy, and many fans were outraged by the NFT project, which they believe is exactly the sort of thing he was trying to prevent from happening.
Theme tags: Bad idea
Blockchain tags: Blockchain: WAX
Tech tags: NFT

A 3D black asterisk over a bright green backgroundVisor Finance logo (attribution)
A reentrancy exploit in the Ethereum-based Visor Finance DeFi protocol allowed hackers to pull 8.8 million VISR tokens out of the network, equivalent to about $8.2 million. The VISR token went from trading at around $0.93 to around $0.04, losing more than 95% of its value. The Visor team subsequently announced that they will perform a token migration to compensate affected users. Visor has suffered other hacks since its launch earlier this year, despite having undergone several audits.
Theme tags: Bug, Hack or scam
Blockchain tags: Blockchain: Ethereum
Tech tags: DeFi, cryptocurrency

Another Discord scam netted its perpetrators around 800 SOL, or about $150,000, from 373 individuals. The scammer posted a fake minting link in the official Discord of Fractal, the upcoming NFT and blockchain gaming marketplace co-founded by Twitch co-founder Justin Kan. Fractal said it would be compensating all who fell for the scam. The scam was apparently made possible by a compromise of the "Grape Protocol" Discord tools, and also targeted users of the Monkey Kingdom NFT collection Discord that same day.
Theme tags: Hack or scam
Blockchain tags: Blockchain: Solana
Tech tags: NFT

A pixel-art monkey on a light yellow background. It is wearing a red turtleneck sweater and Santa hatOne of the Monkey Kingdom NFTs (attribution)
An NFT trader hoping to get in on the "Monkey Kingdom" NFT collection was duped by a scam link in the project's official Discord channel, and sent 650 SOL (about $116,000) to a scammer. "It is important money to my family: my wife, my son", they wrote on Twitter. Another person replied to his tweet to say they too had been duped by the Discord scammer, to the tune of about 19.5 SOL (about $3,500). In total, the phishing link netted the attacker about $1.3 million. The scam was apparently made possible by a compromise of the "Grape Protocol" Discord tools, and also targeted users of the Fractal project's Discord that same day.
Theme tags: Bummer, Hack or scam
Blockchain tags: Blockchain: Solana
Tech tags: NFT

An angular B, in white, purple, and cyan on a black backgroundBent Finance logo (attribution)
Bent Finance informed its users of a "possible exploit", but soon after issued a statement that the exploit had originated from the Bent Finance deployer. Because of this, some speculated that it may have been a rug pull. Bent said in a statement, "There are multiple members on this team and we will make this right. We recommend you withdraw all funds until it is clear." The platform hasn't revealed how much money was lost, though a crypto fraud investigator wrote that 440 ETH (equivalent to about $1.8 million) appeared to have been funneled out of the platform. The attack was discovered on December 20, but appeared to have been ongoing since at least December 12, and possibly longer.
Theme tags: Hack or scam, Rug pull
Tech tags: DeFi

Tweet by @designnvt: "@chivowallet Van hacer algo o no ya es demasiado que clase de suporte tienen, son $16000 que ha sacado su sistema sin autorización, ya es demasiado tendré que llamar a una radio o televisión para que lo publiquen si no dan una respuesta." There is a screenshot of about a dozen transactions, each around $800One of the tweets reporting apparent theft (attribution)
A Twitter thread showed dozens of people reporting amounts from hundreds to tens of thousands of dollars disappearing from their Chivo Wallets, the bitcoin wallet backed by El Salvadoran President Nayib Bukele. El Salvador adopted Bitcoin as legal tender in September of this year, where it is used alongside the U.S. dollar.
Theme tags: Shady business
Blockchain tags: Blockchain: Bitcoin
Tech tags: DeFi

An illustration of a grim reaper on a purple gradient backgroundGrim Finance logo (attribution)
Grim Finance, the "compounding yield optimizer" DeFi platform, was hacked. According to them, attackers exploited a bug in the platform to perform a reentrancy attack that netted them $30 million. Grim, indeed. A cryptocurrency watchdog group, RugDoc, opined that the exploit was possible because of very basic mistakes in implementation, and wrote, "Hopefully all projects can draw lessons from this incident that there is much knowledge most experienced solidity devs have at hand. If you haven't acquired this yet, don't build multi-million dollar projects. Don't get audits from companies which everyone knows are useless." This was apparently a dig at Solidity Finance, who had performed an audit several months prior to the hack and found that "ReentrancyGuard is used in relevant locations to preent[sic] reentrancy attacks."
Theme tags: Bug, Hack or scam
Tech tags: DeFi

Adidas NFT, a monkey wearing a tracksuitAdidas NFT (attribution)
Anticipating that buyers would try to hoard items from a big-name NFT drop, Adidas decided to try to limit their NFT drop to two per buyer. They apparently didn't realize that there is no guarantee that one address = one individual, and a crafty blockchain engineer, Montana Wong, created a smart contract that generated additional smart contracts, each with their own address. These contracts snapped up NFTs, then transferred them to the engineer's primary wallet and self-destructed. Wong was able to snag 330 NFTs.
Theme tags: Hmm
Blockchain tags: Blockchain: Ethereum
Tech tags: NFT, metaverse

Screenshot of DeviantArt Protect, software which detects similar artwork being used off-site. In the screenshot, artwork depicting a minotaur has been directly copied with no apparent modifications and posted on an NFT marketplace.DeviantArt Protect software detecting stolen artwork (attribution)
Comics artist Liam Sharp wrote on Twitter that he would likely need to close his DeviantArt gallery, which he has maintained for fourteen years, because his artwork keeps being minted as NFTs without his permission. He wrote, "I can't - and shouldn't have to - report each one and make a case, which is consistently ignored. Sad and frustrating."
Theme tags: Shady business
Tech tags: NFT