Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages
The compromised version, @injectivelabs/sdk-ts@1.20.21, came embedded with fake telemetry functionality that exfiltrated data from cryptocurrency wallets. The version was
Police suspects Dutch hackers were involved in Odido breach
URGENT – Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat
The company has temporarily disabled access to the affected accounts, a step it says it took “out of an abundance of caution” while it works with internal and external security
Progress urges ShareFile customers to shut down servers over “credible” threat
Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot
Four of the bugs can crash a device. The other two could let an attacker who slips a malicious image in front of the bootloader run their own code, before the device
Hackers exploit critical auth bypass in Gitea Docker image
Money launderer accused of stealing seized crypto while in prison
In Other News: DHS Database Hacked, Adobe Boosts Patch Cadence, Canada Disrupts Ransomware Ops
Other noteworthy stories that might have slipped under the radar: Abnormal AI sued by Anthropic, AssuranceAmerica data breach affects 7 million people, NSA brings back TAO.
The post In Other News: DHS Database Hacked, Adobe Boosts Patch Cadence, Canada Disrupts Ransomware Ops appeared first on SecurityWeek.
Laser Attack Resets Tangem Wallet Passwords on Cards That Can’t Be Patched
No old password. No backup card. Once it is reset, whoever did it controls the wallet and can move the coins out.
This is not an emergency for most owners. The attack needs
