Grim Finance lost $30M, new hire blamed for vulnerability Hackers stole >$30M from Grim Finance by exploiting platform vulnerability. Due to the advanced attack, all vaults were put on pause to prevent further attacks. The exploit was found in the platform’s vault contract. The company has notified DAI, AnySwap, and Circle (USDC) of the incident
Terrifying zero-click iPhone attack The surveillance company NSO Group developed an exploit allowing the users of its software to gain access to an iPhone to install malware – in this case, a target does not even need to click on a link. Last month, NSO Group was added to the “entity list” of the US
Discord tokens are stolen by malicious NPM packages 17 new malicious packages in the npm (Node.js package manager) repository have been discovered by the security firm JFrog. The key purpose of these packages is to steal users’ Discord tokens. By hijacking users’ Discord tokens, attackers can get full control over the victims’ accounts. In the
$120 million hack affecting Badger DAO Protocol Badger DAO Protocol has fallen victim to a hack, $120.3 million in cryptocurrencies was stolen from its users. The first messages from users mentioning possible problems were coming on Wednesday at 9 p.m. ET. According to the data provided by PeckShield, the total amount of lost assets included
Users may see their passwords stolen by a “silent threat” delivered by stealthy malware A new JavaScript downloader is used by cybercriminals to distribute 8 kinds of remote access Trojan malware and information-stealing malware. The key purpose of this malicious activity is to gain backdoor control of infected Windows systems and steal sensitive information such
Courses on how to build botnets by dark web crooks Botnets are widely used to commit ransomware attacks, distribute malware and, generally, perform many other types of malicious activities. And this threat is likely to increase in the coming future since dark web forums are actively offering lessons to visitors on how to make money
Attackers can smuggle malware onto your network via a sneaky trick A relatively new form of cyberattacks dubbed “HTML smuggling” has been flagged by Microsoft. This malicious technique is used during targeted cyberattacks and in email campaigns deploying remote access Trojans and banking malware. Through this malicious technique, an attacker can “smuggle” encoded malicious script
FBI warning: Ransomware groups are tying their attacks to major events in the financial world Significant financial events are used by ransomware groups as leverage during their malicious activities. Such events as mergers and acquisitions are an ideal time for ransomware groups to commit attacks aimed at making victims pay the ransom. Before committing these
HTTPS Threats: 314% increase compared to 2020 According to the State of Encrypted Attacks report released by cybersecurity firm Zscaler, tech companies and retailers are facing a growing number of https threats since January. HTTPS threats have increased by 314% while attacks on retailers have increased by 800%, and attacks on tech companies by an
