Slow Mist founder Cosine X issued a statement saying that the attacker used the XSS vulnerability of the Cointelegraph website to trick the target user to open the Cointelegraph official website (with XSS malicious script), so: - malicious script loading execution; - The address bar is set to https://cointelegraph [.] com/not-public/drafts/article-1033 at first glance, I thought it was an official unpublished draft; - Sign in with X box; - After clicking Sign in with X, open X's third-party app authorization, and leave a large blank in the permission list. If you don't pay attention to clicking authorization at this time, the relevant permissions of the X platform will be taken over by the attacker.