FBI has confirmed that North Korean hackers stole $1.5 billion from cryptocurrency exchange Bybit on Friday in the largest crypto heist recorded until now. […]
Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company’s CEO Ben Zhou declared a “war against Lazarus.”
The agency said the Democratic People’s Republic of Korea (North Korea) was responsible for the theft of the virtual assets from the cryptocurrency exchange, attributing it to a specific cluster
The agency said the Democratic People’s Republic of Korea (North Korea) was responsible for the theft of the virtual assets from the cryptocurrency exchange, attributing it to a specific cluster
Southern Water says Black Basta ransomware attack cost £4.5M in expenses
United Kingdom water supplier Southern Water has disclosed that it incurred costs of £4.5 million ($5.7M) due to a cyberattack it suffered in February 2024. […]
GrassCall scam drains crypto wallets through fake web3 job interviews
A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious “GrassCall” meeting app that installs information-stealing malware to steal cryptocurrency wallets. […]
GrassCall malware campaign drains crypto wallets via fake job interviews
A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious “GrassCall” meeting app that installs information-stealing malware to steal cryptocurrency wallets. […]
VSCode extensions with 9 million installs pulled over security risks
Microsoft has removed two popular VSCode extensions, ‘Material Theme – Free’ and ‘Material Theme Icons – Free,’ from the Visual Studio Marketplace for allegedly containing malicious code. […]
Now Live: Ransomware Resilience & Recovery Summit – Join the Virtual Event In-Progress
SecurityWeek’s 2025 Ransomware Resilience & Recovery Summit takes place today, February 26th, as a fully immersive virtual event.
The post Now Live: Ransomware Resilience & Recovery Summit – Join the Virtual Event In-Progress appeared first on SecurityWeek.
Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites
A cross-site scripting (XSS) vulnerability in a virtual tour framework has been weaponized by malicious actors to inject malicious scripts across hundreds of websites with the goal of manipulating search results and fueling a spam ads campaign at scale.
Security researcher Oleg Zaytsev, in a report shared with The Hacker News, said the campaign – dubbed 360XSS – affected over 350 websites,
Security researcher Oleg Zaytsev, in a report shared with The Hacker News, said the campaign – dubbed 360XSS – affected over 350 websites,
PyPi package with 100K installs pirated music from Deezer for years
A malicious PyPi package named ‘automslc’ has been downloaded over 100,000 times from the Python Package Index since 2019, abusing hard-coded credentials to pirate music from the Deezer streaming service. […]
Lazarus hacked Bybit via breached Safe{Wallet} developer machine
Forensic investigators have found that North Korean Lazarus hackers stole $1.5 billion from Bybit after hacking a developer’s device at the multisig wallet platform Safe{Wallet}. […]