Unleash Protocol’s decentralized IP platform suffered a $3.9 million theft due to an unauthorized contract upgrade facilitated by a compromised multisig governance system. The stolen assets were anonymized using Tornado Cash, highlighting significant risks in DeFi security and governance controls. #UnleashProtocol #TornadoCash
Tag: BLOCKCHAIN
Trust Wallet’s Chrome extension was compromised on December 24, resulting in the theft of over $7 million in cryptocurrency through a supply chain attack and malicious code. Users are advised to update to version 2.69 and remain vigilant against related phishing scams. #TrustWallet #ChromeExtension #SupplyChainAttack #PhishingScams
Trust Wallet has urged users to update their Chrome extension to prevent further losses after a security incident affected about $7 million worth of digital assets. The breach involved malicious code in version 2.68, which allowed hackers to extract wallet mnemonics and drain funds, possibly by insiders or nation-state actors. #TrustWallet…
Multiple users reported their Trust Wallet Chrome extension was compromised on December 24, leading to over $6 million in stolen cryptocurrency assets. Threat actors exploited a malicious update and a phishing campaign to exfiltrate wallet data and trick users into revealing seed phrases. #TrustWallet #ChromeExtensionSecurity
Over the past year Socket observed a rise in destructive open-source packages that directly sabotage developer environments by deleting source code, breaking builds, and wiping repositories or CI artifacts. These packages—published to npm, PyPI, NuGet, and Go module indexes—used remote kill switches, time-delays, typosquatting/dependency confusion, and remote payload loaders to trigger targeted codebase destruction. #Socket #npm
The 2022 LastPass data breach’s encrypted vault backups have been exploited over years, with Russian cybercriminals cracking weak master passwords to steal cryptocurrency assets until late 2025. Threat analysis reveals links to Russian exchanges and sophisticated laundering techniques, emphasizing ongoing risks in digital asset security. #LastPass #TRMLabs #RussianCybercriminals #CryptocurrencyTheft…
ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories
Cybersecurity is evolving with attackers blending into normal tech environments using sophisticated tactics like open-source tools, AI, and social engineering. The future of defense depends on increased awareness of these subtle and innovative threats. #Nezha #RokRAT…
The SEC has charged multiple companies and individuals involved in a sophisticated cryptocurrency scam that defrauded over $14 million from retail investors. The scam involved fake platforms, social media ads, WhatsApp investment groups, and fictitious AI-generated tips, with proceeds transferred abroad. #CryptoFraud #InvestmentScam…
Several cryptocurrency companies were sued by the SEC for running a sophisticated investment scam that defrauded investors of over $14 million using fake social media promotions and AI-generated content. The scam involved manipulated screenshots, false licenses, and fake security token offerings, with stolen funds transferred internationally to Southeast Asia. #SEC #CryptocurrencyFraud…
Cybersecurity researchers have uncovered a malicious npm package named “lotusbail” that masquerades as a WhatsApp API but secretly intercepts messages and links attackers to victims’ WhatsApp accounts. The package has been widely downloaded, enabling attackers to steal credentials, harvest contacts, and maintain persistent access—posing a significant threat to users. #WhatsAppSecurity #npmMalware…
Sysdig TRT documented EtherRAT, a fileless, Ethereum smart-contract–backed implant delivered via React2Shell (CVE-2025-55182) that provides persistent access, comprehensive credential and crypto-wallet theft, worm-like propagation, web server hijacking, and SSH backdoor installation. The blockchain-based C2 grants attackers resilient command-and-control while creating an immutable forensic trail that exposed C2 URLs, wallet addresses, and a brief Grabify-based victim enumeration step. #EtherRAT #React2Shell
North Korea has increased its digital operations significantly, stealing over $2 billion in cryptocurrency in 2025 and deploying sophisticated fake IT worker schemes. These efforts are part of a broader strategy to fund the regime and avoid sanctions, with many cyberattacks linked to North Korean threat actors. #NorthKoreaCyberattacks #Chainalysis #BybitHeist #AmazonITWorkers…
North Korean hackers stole over $2 billion in 2025, focusing on large-scale, targeted crypto thefts and sophisticated money laundering techniques. Their operations significantly contributed to the overall rise in crypto thefts, highlighting their strategic shift towards high-value attacks. #NorthKoreanHackers #CryptoTheft2025…
Threat actors linked to North Korea caused a record-breaking $2.02 billion in cryptocurrency thefts in 2025, primarily through high-profile attacks like the Bybit hack. Their operations include sophisticated money laundering schemes and infiltration of IT workers globally to fund North Korea’s regime. #LazarusGroup #BybitHack…
ReversingLabs uncovered a NuGet supply-chain campaign (July–October 2025) involving 14 malicious packages that impersonated legitimate crypto libraries to steal wallet secrets, OAuth credentials, or redirect funds. The packages used homoglyphs, version bumping, inflated download counts and hidden functions (e.g., Shuffle, MapAddress) to exfiltrate data to hxxps://solananetworkinstance[.]info/api/gads or overwrite transaction destinations. #Netherеum.All #NuGet