Critical Counterfeiting Vulnerability Discovered and Fixed in Zcash's Orchard Pool
By
Jason McGee
Summary
On May 29, 2026, security researcher Taylor Hornby discovered a critical counterfeiting vulnerability in Zcash's Orchard pool. The vulnerability was disclosed to Zcash Open Development Lab (ZODL), which coordinated an ecosystem-wide emergency response that fixed the issue by June 2. Shielded Labs provided additional context after reviewing the report and discussing the implications internally. The vulnerability could have allowed counterfeiting of Zcash tokens, posing a serious threat to the cryptocurrency's integrity.
Source
Key quotes
· 3 pulledOn May 29, 2026, Taylor Hornby discovered a critical counterfeiting vulnerability in Zcash's Orchard pool.
Taylor disclosed the vulnerability to Zcash Open Development Lab (ZODL), who coordinated an ecosystem-wide emergency response to fix the vulnerability, which was completed on June 2.
After reviewing Taylor's report and discussing the implications of the vulnerability internally, Shielded Labs believes it is important to provide additional context.
You might also wanna read
Zcash Price Climbs 13% in a Week as Network Preps Ironwood Upgrade
Security Researcher Discovers Critical Data Vulnerability in Sports Insurer Portal, Faces Legal Threats Instead of Cooperation
A diving instructor and platform engineer discovers a critical security vulnerability in a sports insurer's portal during a dive trip, expos

Malicious Backdoor Discovered in XZ Utils Compression Software Affecting Linux Systems
The article details the discovery of a sophisticated backdoor in the XZ Utils compression software, a critical open-source component used in
Ongoing Cybersecurity Threat: XZ Utils Backdoor Persists in Docker Images
The article discusses the lingering threat of the XZ Utils backdoor, initially discovered in March last year, which was inserted into the li

Synthetic Stablecoins and Financial Stability
Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts
The article discusses recent supply chain attacks on open-source software projects like LiteLLM and axios, with a specific case study of att

Comments
Sign in to join the conversation.
No comments yet. Be the first.