$3.2M drained from 86 Gnosis Safes on Base and Ethereum in under 2 hours via a vulnerable third-party SquidRouterModule ...

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...

EchoCreep, which uses Discord for C&C communication, and GraphWorm, which uses Microsoft Graph API for the same purpose. The ...

Four chainable flaws in OpenClaw allowed attackers to move from an initial foothold to persistent system-level compromise by ...

The Claw Chain OpenClaw vulnerabilities can be abused to steal credentials, escape the sandbox, and plant backdoors on the ...

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed ...

Volo Protocol, a yield-generating platform built on the Sui blockchain, confirmed on Tuesday that it suffered an exploit that drained approximately $3.5 million in assets. The attack targeted specific ...

Hackers exploited a cross-chain bridge on Saturday, draining nearly $300 million from a key piece of decentralized finance infrastructure and setting off a ripple effect across multiple crypto ...

The contagion from the Kelp exploit could have been contained, but at the cost of capital efficiency, according to the founder of Curve Finance. The exploit of the Kelp liquid restaking protocol shows ...

PCWorld reports on the ‘RedSun’ vulnerability in Microsoft Defender affecting Windows 10, 11, and Server systems that allows attackers to gain administrative privileges. Security researcher Chaotic ...

An iPhone exploit that involves a linked Visa card can allow attackers to steal money from a locked device using NFC, but the process is complex, requiring physical access and specialized hardware.