woodser: We're confirming a second exploit in Haveno's protocol. The attacker exploited a vulnerability in the dispute resolution process to forge a dispute payout. We'll publish a security patch for review and tag a new release as soon as possible. In the meantime, we recommend backing up your application directory to preserve any data related to the incident.

From Haveno Developmet dev channel:

It's not the same exploit as May. Last time, attackers replaced the legit arbitrator's address with their own, this time, the arbitrator appears to be a legitimate one. (two legit Reto arbs are: http://7xktb2noofpx7vqom5d6b4gub6wi2znkfhbowtv2xxkbx63simfj3bqd.onion and http://53xjwdhry2aoqmysvqetzttgusriix3v2akgrzd4k5tvoqqvsfzxb6yd.onion), but the attacker is still abusing the forced-arbitration flow to release XMR after 30 confirmations without sending BTC...

🚨Haveno PSA - Ongoing Attack: If you're running RetoSwap, revoke all offers and pause trading. Attacker (buyer) fg2lhfhgjrfz4oywqy2mfwfehhqsjse6wyrtdczsrhtves2jofi2qpad.onion (already banned from the network) is taking buy offers → forcing arbitration → trades close with no BTC sent, but XMR is released after 30 confirmations. Arbitrator: 7xktb2noofpx7vqom5d6b4gub6wi2znkfhbowtv2xxkbx63simfj3bqd.onion Trading halted. Check your open trades. Stay safe.

🙏

Tracking remains one of the most obvious pain points for privacy-conscious people in today’s surveillance economy, and it shows up clearly in #XmrBazaar’s data. The majority of listings in the top four categories exist to solve exactly this problem. You want a verified account but refuse to hand over your credit card details to a platform: You can pay someone to handle it for you and gift you the X/Twitter blue checkmark. You want to use AI tools without letting the company build a permanent profile of every conversation you have: You can pay someone to create the account and pay on your behalf. These rank among the most popular services because the free market is doing exactly what it’s meant to do: identifying real problems people are willing to pay to solve, then delivering practical, effective solutions.

New The Meritocrat Article: Voluntary Markets in an Involuntary World Centralized chokepoints, free-market solutions to the surveillance economy, and the push toward truly decentralized infrastructure. https://themeritocrat.substack.com/p/voluntary-markets-in-an-involuntary

One friend called the Bob Dylan's painting from my substack letter (https://aillia.substack.com/p/roads-less-traveled) "awful AI slop, not even a good one." Another said the whole piece "feels AI-generated". People's attitudes are messed up in an interesting way: they can't differentiate anymore: everything is suspect as AI slop. Thanks to this, we've entered Hesse’s Age of the Feuilleton from The Glass Bead Game: "The most important consequence of this new attitude… was that men largely ceased to produce works of art. Moreover, intellectuals gradually withdrew from the bustle of the world." I'm 100% anonymous/pseudonymous = I can’t prove I'm not a bot anymore. The only "proof" left seems to be historical records, ID, or biometrics... and that's not happening in my case. At least Bob Dylan never had to prove he isn’t a bot to anyone :))

there is at least one person in Monero Matrix chats who claims that he/she is from China

thank you :) but I'm afraid we can't trust that they won't do it again... I told Doug and the dev yesterday that even with the quick restoration I still firmly believe we should move to a more reliable and friendly host like , or even one that simply ignores DMCAs + a second host for redundancy.

I reposted that comment on Pitch :)) ...and fwd'd/pasted to bazaar's dev chat too

Icelandic government?

"There's 100 articles about everywhere from Yahoo Finance to Bob's Shit Dick blog." Looks like my Pitch friends OSINT'd them already: "Piecing together the #osint isn't hard to do. Everyone that wants their BTC will know where they live in no time. Just from 3 different sites, I already know it's in Ann Arbor (Washtenaw County), they're in their 30's. Joe is a software engineer and Amy's a graduate student. Their closing date is June 4, 2026. Anyone can scan the Registrar of Deeds' books. This is soooo bad." https://pitchprash4aqilfr7sbmuwve3pnkpylqwxjbj2q5o4szcfeea6d27yd.onion/p/29961b3c#p-d027e4d4

This is nightmare-level OPSEC. Praying it's just an AI-generated photo with fake names… because if it's not, this might be the last photo of them with all ten fingers attached...

No, not even remotely: anarchism = opposition to the state (and other coercive, involuntary hierarchies). That's it. Marxism is a specific economic and historical theory: class struggle, labor theory of value, eventual abolition of private property, and (in Marx's own words) a "**dictatorship** of the proletariat" as a transitional step. Ancap is the clearest counter-example to "every anarchist by definition Marxist", but there are other flavors too :)

I spent 3 years as a Marxist. I protested. I made crazy demands. I accepted no responsibility. No accountability. But then I turned 4.