Lucene search
K

531 matches found

HackRead
HackRead
added 2022/06/14 10:46 p.m.16 views

Hackers Using Web3 Backdoor Wallets to Steal Seed Phrases from iOS/Android Users

By Deeba Ahmed A Chinese-speaking, technically skilled threat actor distributes backdoored applications to extract cash from victims in a newly discovered… This is a post from HackRead.com Read the original post: Hackers Using Web3 Backdoor Wallets to Steal Seed Phrases from iOS/Android Users...

2.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/13 1:50 p.m.43 views

Chinese Hackers Distribute Backdoored Web3 Wallets for iOS and Android Users

A technically sophisticated threat actor known as SeaFlower has been targeting Android and iOS users as part of an extensive campaign that mimics official cryptocurrency wallet websites intending to distribute backdoored apps that drain victims' funds. Said to be first discovered in March 2022, t...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/10 9:10 a.m.19 views

Researchers Detail How Cyber Criminals Targeting Cryptocurrency Users

Cybercriminals are impersonating popular crypto platforms such as Binance, Celo, and Trust Wallet with spoofed emails and fake login pages in an attempt to steal login details and deceptively transfer virtual funds. "As cryptocurrency and non-fungible tokens NFTs become more mainstream, and captu...

0.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/08 8:52 a.m.2 views

Malicious code in web3-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf78823fc9ddf62eca0f10cc1821da790ae75e4f0cf267dfc45b5a6b5e21c7b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/08 8:52 a.m.5 views

MAL-2022-7085 Malicious code in web3-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf78823fc9ddf62eca0f10cc1821da790ae75e4f0cf267dfc45b5a6b5e21c7b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/05/31 1:10 p.m.3 views

Malicious code in web3-util-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1a079ce568f965c6fa2d0c2fa555d7c1956d79fa87d4e252ca54afaa5e677d3a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/05/31 1:10 p.m.13 views

MAL-2022-7086 Malicious code in web3-util-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1a079ce568f965c6fa2d0c2fa555d7c1956d79fa87d4e252ca54afaa5e677d3a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Malwarebytes
Malwarebytes
added 2022/05/03 1:16 p.m.30 views

Airdrop phishing: what is it, and how is my cryptocurrency at risk?

Airdrop phishing is a really popular tactic at the moment. It emerged alongside the explosion of Web3/NFT/cryptocurrency popularity, and ensures scammers get a slice of the money pie. You may well have heard the term in passing, and wondered what an Airdrop is. Is your iPhone about to be Airdrop...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/14 10:50 a.m.33 views

Rarible NFT Marketplace Flaw Could've Let Attackers Hijack Crypto Wallets

Cybersecurity researchers have disclosed a now-fixed security flaw in the Rarible non-fungible token NFT marketplace that, if successfully exploited, could have led to account takeover and theft of cryptocurrency assets. "By luring victims to click on a malicious NFT, an attacker can take full...

0.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/03/03 12:13 a.m.11 views

lahno-web3.de Improper Access Control vulnerability OBB-2394480

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1AI score
Exploits0
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.11 views

WordPress EthPress – Web3 Login plugin <= 1.5.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress EthPress – Web3 Login plugin versions = 1.5.0. Solution Update the WordPress EthPress – Web3 Login plugin to the latest available version at least 1.5.1...

2.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.13 views

WordPress EthPress – Web3 Login plugin <= 1.5.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress EthPress – Web3 Login plugin versions = 1.5.0. Solution Update the WordPress EthPress – Web3 Login plugin to the latest available version at least 1.5.1...

4AI score
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2022/02/18 12:32 p.m.30 views

Microsoft Warns of 'Ice Phishing' Threat on Web3 and Decentralized Networks

Microsoft has warned of emerging threats in the Web3 landscape, including "ice phishing" campaigns, as a surge in adoption of blockchain and DeFi technologies emphasizes the need to build security into the decentralized web while it's still in its early stages. The company's Microsoft 365 Defende...

0.1AI score
Exploits0
Akamai Blog
Akamai Blog
added 2022/02/17 3:0 p.m.21 views

Building the Future — Akamai’s Outlook on the Linode Acquisition

Akamai announced our intent to acquire Linode. The acquisition is intended to create the world’s most distributed compute platform. This new cloud to edge platform will make it easier for developers and businesses to build, run, and secure applications, especially given the complexities of Web3...

7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/02/16 5:0 p.m.26 views

‘Ice phishing’ on the blockchain

The technologies that connect us are continually advancing, and while this brings tremendous new capabilities to users, it also opens new attack surfaces for adversaries and abusers. Social engineering represents a class of threats that has extended to virtually every technology that enables huma...

0.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/02/16 5:0 p.m.23 views

‘Ice phishing’ on the blockchain

The technologies that connect us are continually advancing, and while this brings tremendous new capabilities to users, it also opens new attack surfaces for adversaries and abusers. Social engineering represents a class of threats that has extended to virtually every technology that enables huma...

0.1AI score
Exploits0
Code423n4
Code423n4
added 2021/11/09 12:0 a.m.14 views

Can not update target price

Handle jonah1005 Vulnerability details Impact The sanity checks in rampTargetPrice are broken SwapUtils.solL1571-L1581 if futureTargetPricePrecise = initialTargetPricePrecise, "futureTargetPrice is too small" ; else require futureTargetPricePrecise =...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/09/07 12:0 a.m.12 views

Freeze The Bridge Via Large ERC20 Names/Symbols/Denoms

Handle nascent Vulnerability details Ethereum Oracles watch for events on the Gravity.sol contract on the Ethereum blockchain. This is performed in the checkforevents function, ran in the ethoraclemainloop. In this function, there is the following code snippet: let erc20deployed = web3...

6.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2021/08/10 10:56 p.m.7 views

All Vulnerabilities for web3.sydneygirl-h.schools.nsw.edu.au Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| web3.sydneygirl-h.schools.nsw.edu.au...

Exploits0
Veracode
Veracode
added 2021/04/20 10:21 a.m.10 views

Data Corruption

vyper causes data corruption. Incorrect data handling allows an attacker to cause a data corruption via certain Web3 libraries with Vyper-deploy forwarder proxy contracts using Vyper's built-in createforwarderto function...

3.6AI score
Exploits0
Rows per page
Query Builder