31 matches found
DarkComet Spyware Resurfaces Disguised as Fake Bitcoin Wallet
Old DarkComet RAT spyware is back, hiding inside fake Bitcoin wallets and trading apps to steal credentials via keylogging...
EUVD-2013-7142
Malware in sbrugna...
EUVD-2025-3755
Malicious code in bioql PyPI...
LockBit’s Dark Web Domains Hacked, Internal Data and Wallets Leaked
LockBit’s dark web domains were hacked, exposing internal data, affiliate tools, and over 60,000 Bitcoin wallets in a…...
CVE-2025-24544
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dashed-slug.net Bitcoin and Altcoin Wallets wallets allows Reflected XSS.This issue affects Bitcoin and Altcoin Wallets: from n/a through = 6.3.1...
CVE-2025-24544
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dashed-slug.net Bitcoin and Altcoin Wallets wallets allows Reflected XSS.This issue affects Bitcoin and Altcoin Wallets: from n/a through = 6.3.1...
CVE-2025-24544 WordPress Bitcoin and Altcoin Wallets plugin <= 6.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dashed-slug.net Bitcoin and Altcoin Wallets wallets allows Reflected XSS.This issue affects Bitcoin and Altcoin Wallets: from n/a through = 6.3.1...
CVE-2025-24544
CVE-2025-24544 affects WordPress plugin Bitcoin and Altcoin Wallets (versions prior to 6.3.1). The root cause is improper input neutralization during web page generation, enabling a Reflected XSS vulnerability. Practical impact (as described) is that an attacker could inject malicious scripts via...
PT-2025-5394 · Unknown · Alexandros Georgiou Bitcoin/Altcoin Wallets
Name of the Vulnerable Software and Affected Versions: Alexandros Georgiou Bitcoin and Altcoin Wallets versions prior to 6.3.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-site Scripting XSS attacks, specifically Reflecte...
WordPress plugin Bitcoin and Altcoin Wallets 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Bitcoin and Altcoin Wallets plugin <= 6.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Bitcoin and Altcoin Wallets versions = 6.3.1...
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
Bitcoin wallets created between 2011 and 2015 are susceptible to a new kind of exploit called Randstorm that makes it possible to recover passwords and gain unauthorized access to a multitude of wallets spanning several blockchain platforms. "Randstorm is a term we coined to describe a collection...
DataSurgeon - Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Secuirty Numbers And More From Text
DataSurgeon ds is a versatile tool designed for incident response, penetration testing, and CTF challenges. It allows for the extraction of various types of sensitive information including emails, phone numbers, hashes, credit cards, URLs, IP addresses, MAC addresses, SRV DNS records and a lot...
Bizarro Banking Trojan Sports Sophisticated Backdoor
A never-before-documented Brazilian banking trojan, dubbed Bizarro, is targeting customers of 70 banks scattered throughout Europe and South America, researchers said. According to an analysis from Kaspersky released Monday, Bizarro is a mobile malware, aimed at capturing online-banking credentia...
Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts
Facebook, Instagram, TikTok, and Twitter this week all took steps to crack down on users involved in trafficking hijacked user accounts across their platforms. The coordinated action seized hundreds of accounts the companies say have played a major role in facilitating the trade and often lucrati...
GHSA-H5VJ-F7R9-W564 Entropy Backdoor in text-qrcode
All versions of text-qrcode contain malicious code that overwrites the randomBytes method for the crypto module with a function that generates weak entropy. Instead of generating 32 bytes, the infected randomBytes will generate 3 bytes of entropy and hash them, resulting in a 32 byte value being...
Entropy Backdoor in text-qrcode
All versions of text-qrcode contain malicious code that overwrites the randomBytes method for the crypto module with a function that generates weak entropy. Instead of generating 32 bytes, the infected randomBytes will generate 3 bytes of entropy and hash them, resulting in a 32 byte value being...
Brazil's Banking Trojans Go Global
Malware that is typically used in Brazil is expanding its geography, targeting users in North America, Europe and elsewhere in Latin America. Banking trojans, which steal online banking logins and other financial credentials from unsuspecting victims, are fairly common – but the more sophisticate...
Unusual Linux Ransomware Targets NAS Servers
A rare instance of ransomware targeting Linux-based file storage systems network-attached storage servers, specifically has been spotted, spreading via 15 separate but related campaigns. The adversaries behind the effort are continuing their depredations on an ongoing basis, according to...
Rapidly Growing Electrum Botnet Infects Over 152,000 Users; Steals $4.6 Million
An ongoing attack against Electrum Bitcoin wallets has just grown bigger and stronger with attackers now targeting the whole infrastructure of the exchange with a botnet of over 152,000 infected users, raising the amount of stolen users' funds to USD 4.6 million. Electrum has been facing cyber...