Tag: blockchain
-
Microsoft and Cloudflare execute ‘rugpull’ on massive phishing empire
Tags: access, ai, attack, blockchain, breach, computer, credentials, crime, crimes, crypto, cybercrime, data, detection, exploit, extortion, finance, fraud, infrastructure, international, law, microsoft, phishing, programming, scam, service, strategy, threat, toolLegal victory with limitations: Microsoft’s investigation identified Joshua Ogundipe, based in Nigeria, as the operation’s leader and primary architect. The company filed a lawsuit against Ogundipe and four associates listed as John Does in late August, then obtained a court order from the US District Court for the Southern District of New York in early…
-
Israel announces seizure of $1.5M from crypto wallets tied to Iran
The Israeli government ordered the seizure of 187 wallets it said belong to the IRGC, which have over time received $1.5 billion in crypto, according to a blockchain analysis firm. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/15/israel-announces-seizure-of-1-5-million-from-crypto-wallets-tied-to-iran/
-
Israel announces seizure of $1.5 million from crypto wallets tied to Iran
The Israeli government ordered the seizure of 187 wallets it said belong to the IRGC, which have over time received $1.5 billion in crypto, according to a blockchain analysis firm. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/15/israel-announces-seizure-of-1-5-million-from-crypto-wallets-tied-to-iran/
-
Republic and Incentiv Partner to Simplify and Reward Web3 Participation
Tags: blockchainRepublic today announced a strategic partnership with Incentiv, an EVM-compatible Layer 1 blockchain designed to make Web3 simple,… First seen on hackread.com Jump to article: hackread.com/republic-incentiv-partner-reward-web3-participation/
-
Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads
Tags: api, attack, blockchain, breach, crypto, data, detection, email, finance, github, malicious, malware, monitoring, network, open-source, phishing, risk, strategy, supply-chain, theft, tool, update, vulnerabilityFinancial impact surprisingly limited: Despite affecting packages with 2 billion weekly downloads, the actual financial impact was surprisingly modest. “We were tracking approximately $970 in stolen funds to attacker-controlled wallets,” Eriksen said, highlighting a significant disconnect between the attack’s potential reach and its realized damage.This limited financial impact reflected both the attackers’ operational carelessness and…
-
Massive npm supply chain attack hits 18 popular packages with 2B weekly downloads
Tags: api, attack, blockchain, breach, crypto, data, detection, email, finance, github, malicious, malware, monitoring, network, open-source, phishing, risk, strategy, supply-chain, theft, tool, update, vulnerabilityFinancial impact surprisingly limited: Despite affecting packages with 2 billion weekly downloads, the actual financial impact was surprisingly modest. “We were tracking approximately $970 in stolen funds to attacker-controlled wallets,” Eriksen said, highlighting a significant disconnect between the attack’s potential reach and its realized damage.This limited financial impact reflected both the attackers’ operational carelessness and…
-
Malicious npm packages use Ethereum blockchain for malware delivery
Tags: attack, blockchain, crypto, github, infrastructure, malicious, malware, open-source, software, supply-chaincolortoolsv2 and mimelib2 that used Ethereum smart contracts for malware delivery in July. But not much effort was put into making those packages look legitimate and attractive for developers to include in their projects, which is usually the goal of supply chain attacks with rogue npm packages.The colortoolsv2 package, and the mimelib2 one that later…
-
Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers
Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to carry out malicious actions on compromised systems, signaling the trend of threat actors constantly on the lookout for new ways to distribute malware and fly under the radar.”The two npm packages abused…
-
Formal Methods for Stellar DeFi: Verifying Lending Protocol with Certora Sunbeam Prover
Hello! My name is Kirill Ziborov, and I’m a formal verification engineer and security researcher at Positive Web3. From February 24 to March 18, an audit contest for the Blend protocol on the Stellar blockchain was held on the Code4rena. In addition to the traditional manual audit, the competition included a formal verification track using…
-
Meet the unsung silent hero of cyber resilience you’ve been ignoring
Tags: ai, blockchain, compliance, computing, cyber, cybersecurity, defense, detection, dora, framework, GDPR, governance, infrastructure, iot, monitoring, network, PCI, regulation, resilience, technology, toolFixing this isn’t complicated. It just needs your focused attention: First, secure your sources. Forget public NTP servers from dubious origins. Instead, choose authenticated and secure protocols, such as NTP or Network Time Security (NTS). These protocols offer encrypted and tamper-resistant synchronization, ensuring that your clocks can’t be easily spoofed.Next, redundancy matters. Don’t rely on…
-
Wie CISOs von der Blockchain profitieren
Tags: access, ai, api, blockchain, ciso, compliance, framework, governance, identity, LLM, network, saas, sbom, software, tool, zero-trustDie Blockchain macht Trust verifizierbar.Sicherheitsvorfälle gehen nicht nur auf eine Kompromittierung der internen Systeme zurück. Sie hängen regelmäßig auch damit zusammen, dass:Privileged-Access-Protokolle fehlen,SaaS-Audit-Trails nicht vertrauenswürdig sind, oderLieferketten kompromittiert werden.Die Blockchain kann dabei helfen, diese realen Probleme zu lösen und Manipulationssicherheit, Datenintegrität und Trust zu gewährleisten. Im Kern ist Blockchain ein System von Datensätzen, die über…
-
9 things CISOs need know about the dark web
Tags: 2fa, access, ai, attack, automation, backup, blockchain, botnet, breach, captcha, ceo, ciso, communications, corporate, credentials, crypto, cyber, cybercrime, cybersecurity, dark-web, data, data-breach, ddos, deep-fake, defense, detection, dns, exploit, extortion, finance, fraud, group, guide, hacking, identity, incident, incident response, infrastructure, intelligence, international, jobs, law, leak, lockbit, malicious, malware, marketplace, mfa, monitoring, network, open-source, phishing, privacy, ransomware, resilience, risk, russia, saas, scam, service, strategy, tactics, technology, threat, tool, training, vpn, vulnerability, zero-dayNew groups form after major marketplaces are disrupted: International takedown efforts damage infrastructure and curb cybercrime operations by disrupting larger operations, removing major players from the ecosystem and scattering user bases.However, the dark web is highly adaptive and sophisticated actors often maintain contingency plans, including mirrors, backups, and alternative forums, according to Edward Currie, associate…
-
Embargo Ransomware nets $34.2M in crypto since April 2024
Embargo ransomware, likely a BlackCat/Alphv successor, has netted $34.2M in crypto since mid-2024, researchers say. The Embargo ransomware group has processed $34.2M in crypto since emerging in April 2024, researchers from Blockchain intelligence company TRM Labs report. >>TRM Labs has identified approximately USD 34.2 million in incoming transaction volume likely associated with the group, with…
-
AI Agents Can Hack Smart Contracts on Autopilot
AI Tools Can Steal Crypto Autonomously, Even From Audited Code. Armed with just a smart contract address, researchers developed an autonomous artificial intelligence tool that can scan for vulnerabilities, write working exploits in the Solidity blockchain programming language and siphon funds. It behaves more like a human hacker, said its co-creator. First seen on govinfosecurity.com…
-
Russia turns to Kyrgyzstan’s booming crypto sector to evade sanctions, researchers say
According to a new report by blockchain intelligence firm TRM Labs, Kyrgyz-registered exchanges have repeatedly been used by sanctioned Russian entities. First seen on therecord.media Jump to article: therecord.media/russia-turns-to-kyrgystan-crypto-sanctions
-
Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks
The value of losses to crypto thefts has soared this year to more than $2 billion over the first six months, the blockchain analytics company Chainalysis found. First seen on therecord.media Jump to article: therecord.media/chainalysis-crypto-stolen-billions
-
Abacus Dark Web Market Suspected of Exit Scam with Held Bitcoin Funds
The largest Bitcoin-enabled Western darknet marketplace, Abacus Market, has gone offline amid widespread suspicions of an exit scam that may have cost users millions of dollars in held cryptocurrency funds. TRM Labs, a blockchain analytics firm, assesses that the marketplace’s operators likely shut down operations and disappeared with users’ Bitcoin and Monero deposits in early…
-
North Korean Hackers Exploit Zoom Invites in Attacks on Crypto Companies
Tags: attack, blockchain, crypto, cyber, cybersecurity, data-breach, exploit, hacker, jobs, malware, north-korea, phishing, spear-phishing, tactics, threatCybersecurity firm SentinelOne has exposed an ongoing malware campaign orchestrated by North Korean threat actors, known for their persistent >>fake interview
-
MITRE Launches AADAPT Framework to Counter Real-World Attacks on Digital Asset Systems
The MITRE Corporation has unveiled its comprehensive AADAPT framework (Adversarial Actions in Digital Asset Payment Technologies), a specialized knowledge base designed to catalog and counter sophisticated attacks targeting digital asset management systems, cryptocurrency exchanges, and blockchain infrastructure. The framework represents a significant advancement in cybersecurity defense for the rapidly evolving digital asset sector. Modeled after…
-
Hacker Returns $42 Million in Stolen Crypto in Exchange for $5 Million Bounty
A security flaw in the GMX V1 software was made public, causing a significant upheaval in the decentralized finance (DeFi) ecosystem and forcing immediate action to protect user assets. GMX, a prominent perpetual futures trading platform built on blockchain technology, relies on its V1 protocol for liquidity provision through its GLP (GMX Liquidity Provider) token.…
-
Weaponized AI Extension Used by Hackers to Swipe $500,000 in Crypto
Tags: ai, attack, blockchain, crypto, cyber, cyberattack, cybersecurity, hacker, malicious, open-source, russia, toolA Russian blockchain engineer lost over $500,000 in cryptocurrency holdings in June 2025 after being the victim of a carefully planned cyberattack, serving as a terrifying reminder of the perils that might exist in open-source ecosystems. The attack, investigated by cybersecurity experts, revealed the use of a malicious extension disguised as a legitimate tool for…
-
Supply Chain Attack Unleashed via Compromised VS Code Extension
Tags: attack, blockchain, crypto, cyber, github, malicious, open-source, software, supply-chain, threat, toolA sophisticated supply chain attack targeting cryptocurrency developers through the compromise of ETHcode, a legitimate Visual Studio Code extension with nearly 6,000 installations. The attack, executed through a malicious GitHub pull request, demonstrates how threat actors can weaponize trusted development tools using minimal code changes, raising serious concerns about open-source software security in the blockchain…
-
The trust crisis in the cloud”¦and why blockchain deserves a seat at the table
Tags: access, blockchain, breach, cloud, compliance, control, credentials, crypto, data, data-breach, framework, gartner, iam, identity, infrastructure, jobs, risk, threat, tool, zero-trustLimited visibility and tamperable logs. Cloud providers manage logs and telemetry internally. As tenants, we often depend on them to provide logs after an incident without a guarantee of tamper-proof integrity. This lack of transparency hampers forensic investigations and incident response.Privilege concentration and insider risk. CSP administrators often hold elevated access privileges, making them single…
-
The trust crisis in the cloud”¦and why blockchain deserves a seat at the table
Tags: access, blockchain, breach, cloud, compliance, control, credentials, crypto, data, data-breach, framework, gartner, iam, identity, infrastructure, jobs, risk, threat, tool, zero-trustLimited visibility and tamperable logs. Cloud providers manage logs and telemetry internally. As tenants, we often depend on them to provide logs after an incident without a guarantee of tamper-proof integrity. This lack of transparency hampers forensic investigations and incident response.Privilege concentration and insider risk. CSP administrators often hold elevated access privileges, making them single…
-
Drei zentrale Cybersicherheitsrisiken von Quantencomputing
Heute verschlüsselte Daten, die künftig entschlüsselt werden könnten. Manipulation der Blockchain. Quantenresistente Ransomware. Es ist eines der drängendsten technologischen Themen der kommenden Dekade: die zunehmende Relevanz von Quantencomputern und deren mögliche Auswirkungen auf die digitale Sicherheit. Als Cybersicherheitsrisiken gelten verschlüsselte Daten, die künftig entschlüsselt werden könnten, Manipulation der Blockchain und quantenresistente Ransomware. Klassische Computer stoßen……