Hijacked npm Packages Target API Keys Through Sophisticated Supply Chain Attack
Multiple cryptocurrency-related npm packages, active for over 9 years, were compromised to steal sensitive data through malicious obfuscated scripts. The attack, likely executed through compromised maintainer accounts, highlights critical security vulnerabilities in open-source software maintenance.
DeepSeek AI Phishing Campaign Targets Crypto Wallets and User Data
Multiple fraudulent websites impersonating DeepSeek have emerged following the Chinese AI company's recent model release, putting users' sensitive data and cryptocurrency at risk. Security researchers identified at least 16 active phishing sites using sophisticated evasion tactics and malicious packages to steal credentials and distribute malware.
Counterfeit Seagate Hard Drives from Chinese Chia Mining Operations Spark Global Scandal
A major fraud scheme involving counterfeit Seagate hard drives with falsified usage records has been traced to defunct Chinese cryptocurrency mining operations. The scandal has affected customers across multiple countries, prompting varied responses from retailers while Seagate launches an investigation.
Brazil Blocks Cryptocurrency Payments for Iris Scans in World ID Project
Brazil's data protection agency has ordered Tools for Humanity, co-founded by OpenAI's Sam Altman, to stop compensating citizens for iris scans with cryptocurrency. The regulatory action challenges the company's global biometric identity system amid concerns over data privacy and consent.
French Police Rescue Ledger Executive in Violent Cryptocurrency Kidnapping
French authorities successfully freed Ledger co-founder David Balland and his wife after a brutal 24-hour kidnapping involving cryptocurrency ransom demands. The GIGN tactical unit arrested ten suspects following the ordeal, which included severe violence against Balland.
North Korea's Digital Heist: Over $659M Stolen in Cryptocurrency Attacks
North Korean hackers, led by the Lazarus Group, orchestrated major cryptocurrency thefts totaling $659 million in 2024 through sophisticated social engineering tactics. The attacks targeted multiple exchanges including WazirX and DMM Bitcoin, prompting a joint warning from US, Japan and South Korea.
Inside the Professional Crime Machine: A Day with Elite Voice Phishing Operators
Modern voice phishing crews operate with military precision, utilizing sophisticated tools and tactics to target wealthy victims. With structured roles and meticulous planning, these cybercriminal enterprises can steal millions through elaborate social engineering schemes.
Cryptocurrency Mining Malware Infiltrates Home Server Through Exposed Docker Container
A cybersecurity researcher's personal server was hijacked by Kinsing malware after briefly exposing a Docker database container online. The incident highlights critical security lessons for home server administrators and the growing sophistication of threats targeting personal networks.
Congress Urged to Strengthen U.S. Election Security Against Foreign Cyber Threats
Cybersecurity experts testify before Congress about urgent needs to modernize election systems against evolving foreign threats, including cyber attacks and financial crime. Experts warn of vulnerabilities in legacy systems and recommend bipartisan action to protect election integrity through improved regulations and technology adoption.
North Korean Hackers Orchestrate $308M Bitcoin Heist from Japanese Exchange
A sophisticated social engineering attack by North Korean hacking group TraderTraitor resulted in the theft of $308 million in Bitcoin from DMM Bitcoin exchange. The attack, which began with targeting an employee at crypto wallet company Ginco, marks one of the largest cryptocurrency heists of 2024.