Stealing Bitcoin with Cross-Site Request Forgery (Ride the Lightning + Umbrel)
Ride the Lightning is a popular add on for Bitcoin full-node distributions like Umbrel. A recent bug would have allowed remote attackers to empty Bitcoin wallets via malicious JavaScript, due to an overly permissive HTTP CORS header.