Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
Bleeping Computer

Malicious code in Tornado Cash governance proposal puts user funds at risk

Malicious JavaScript code hidden in a Tornado Cash governance proposal has been leaking deposit notes and data to a private server for almost two months. This leak compromises the privacy and security ...
Hosted on MSN

Don’t fall for this – ClickFix attacks now include video instructions and can recognize your operating system

ClickFix style attacks, which have already become an increasingly popular social engineering tool to spread malware, have now evolved to include new steps to trick users into infecting their own ...
PC Magazine

$1.4 Billion Crypto Heist Traced To Hackers Breaching Safe{Wallet}

The hackers were also quick to delete the malicious Javascript code from Safe {Wallet} system after stealing the cryptocurrency. “The investigation determined that the JavaScript resources were ...
SiliconANGLE

Fortinet identifies thousands of malicious software packages exploiting open-source repositories

A new report out today from Fortinet Inc.’s FortiGuard Labs highlights a growing wave of malicious software packages exploiting system vulnerabilities. Based on data collected since November 2024, the ...
Cryptopolitan

dYdX targeted as malicious packages empty its user wallets

Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets.