Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
Bleeping Computer

Malicious code in Tornado Cash governance proposal puts user funds at risk

Malicious JavaScript code hidden in a Tornado Cash governance proposal has been leaking deposit notes and data to a private server for almost two months. This leak compromises the privacy and security ...
Hosted on MSN

Don’t fall for this – ClickFix attacks now include video instructions and can recognize your operating system

ClickFix style attacks, which have already become an increasingly popular social engineering tool to spread malware, have now evolved to include new steps to trick users into infecting their own ...
PC Magazine

$1.4 Billion Crypto Heist Traced To Hackers Breaching Safe{Wallet}

The hackers were also quick to delete the malicious Javascript code from Safe {Wallet} system after stealing the cryptocurrency. “The investigation determined that the JavaScript resources were ...
Cryptopolitan on MSN

Malicious packages empty dYdX user wallets

dYdX has been targeted by bad actors using malicious packages to empty its user wallets.