Malicious npm Packages Target Solana Users in Sophisticated Crypto Theft Campaign
Security researchers uncover a sophisticated attack using fake npm packages to steal Solana wallet credentials through Gmail's SMTP servers. The multi-platform campaign includes malicious GitHub repositories and packages with destructive capabilities, highlighting critical risks in the cryptocurrency software supply chain.
AWS Cloud Storage at Risk: New Ransomware Weaponizes S3 Encryption Features
A sophisticated ransomware group called Codefinger is exploiting AWS's native encryption features to lock down S3 buckets, marking a concerning evolution in cloud-based attacks. The group leverages stolen credentials and legitimate AWS functionality to encrypt data, making recovery impossible without the attacker's key.
New 'Fickle Stealer' Malware Emerges with Advanced Evasion and Data Theft Capabilities
A sophisticated Rust-based malware dubbed 'Fickle Stealer' has been discovered using multiple attack vectors and advanced anti-detection methods. The threat actively targets cryptocurrency wallets, browsers, and communication apps while employing complex techniques to evade security controls.
North Korean Hackers Steal $308M in Sophisticated Crypto Heist from Japanese Firm
US and Japanese authorities identify North Korean hacking group 'TraderTraitor' as responsible for a major cryptocurrency theft from DMM. The attackers used elaborate social engineering via LinkedIn to compromise a wallet software company employee, leading to the theft of over 4,500 Bitcoin.
LastPass Breach Sparks $45M Cryptocurrency Heist Wave
A catastrophic LastPass security breach has led to over $45 million in cryptocurrency thefts affecting more than 150 users since 2022. The latest attack before Christmas saw hackers steal $5.36 million from approximately 40 users, highlighting ongoing vulnerabilities from the initial breach.
Major Data Breach at Byte Federal Exposes 58,000 Bitcoin ATM Users' Personal Data
A significant security breach at Byte Federal, a leading US Bitcoin ATM operator, has compromised sensitive data of 58,000 customers through a GitLab vulnerability. The breach exposed personal information including government IDs and transaction records, prompting immediate security measures and customer warnings.
Turkish Highway Toll App Hit by Bitcoin Ransom Attack Through Push Notification Exploit
Turkey's electronic toll collection app HGS was compromised through its notification system API, with hackers demanding $25,000 in Bitcoin from users. While the Post and Telegraph Directorate assured data security, the incident exposed vulnerabilities in the widely-used public service application.
Teen's $50,000 Memecoin Windfall Sparks Family Harassment Crisis
A California teenager's $350 cryptocurrency experiment yielded an unexpected $50,000 profit, but quickly devolved into a harassment campaign targeting his family. The incident highlights the volatile nature of memecoin trading and raises concerns about the intersection of youth entrepreneurship and unregulated digital assets.
AI Library Ultralytics Hit by Crypto Mining Malware in Supply Chain Attack
Security researchers uncovered cryptocurrency mining malware embedded in two versions of the popular Ultralytics AI library on PyPI. The sophisticated attack exploited GitHub Actions to inject malicious code, prompting urgent calls for users to upgrade to the latest secure version.
Global Cybercrime Sting: INTERPOL Operation Nets 5,500 Arrests and $400M in Seized Assets
A massive five-month INTERPOL operation spanning 40 countries has resulted in over 5,500 arrests and the seizure of $400 million in virtual assets. The operation uncovered sophisticated voice phishing networks and cryptocurrency scams, demonstrating increased international cooperation in fighting cybercrime.