74 matches found
Russia-Aligned ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
The "coordinated" cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology OT cybersecurity company Dragos, in a new intelligence brief published Tuesday,...
CVE-2022-31246
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request e.g., within QR code data. On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename...
EUVD-2018-1785
Malware in sbrugna...
EUVD-2018-18111
Malware in sbrugna...
EUVD-2022-52824
Malicious code in bioql PyPI...
Malicious code in electrum-bch (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8e4c3bb0f735a352c6f4d18865f3a145912c31f6b9da22c48e731e7fe750b1dd The modification of https://github.com/spesmilo/electrum not clear which version or fork that during usage will exfiltrate files from the current directory,...
MAL-2025-47762 Malicious code in electrum-bch (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8e4c3bb0f735a352c6f4d18865f3a145912c31f6b9da22c48e731e7fe750b1dd The modification of https://github.com/spesmilo/electrum not clear which version or fork that during usage will exfiltrate files from the current directory,...
MAL-2024-10926 Malicious code in electurm (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efaea8e17d6dafe53e1047516e2be119bfd7d216f4d572a6de16d7bc1b164861 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10925 Malicious code in elctrum (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b89cc35724289a4220143414f7f4b8376381586c8a99e0bbf32b981c6403e048 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code
Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain assets from victims' crypto wallets. The package, named "CryptoAITools," is said to have been distributed...
CVE-2022-31246
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request e.g., within QR code data. On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename...
CVE-2022-31246
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request e.g., within QR code data. On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename...
Code injection
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request e.g., within QR code data. On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename...
CVE-2022-31246
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request e.g., within QR code data. On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename...
CVE-2022-31246
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request e.g., within QR code data. On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename...
CVE-2022-31246
Electrum ≤ 4.2.1 is affected by a vulnerability in paymentrequest.py that allows a file:// URL in the r parameter of a payment request (e.g., in QR code data). The issue can cause credential leakage on Windows via SMB and, on Linux/UNIX, denial of service by referencing the /dev/zero filename. Re...
Electrum 参数注入漏洞
Electrum is an electronic bitcoin wallet. A security vulnerability exists in versions of Electrum prior to 4.2.2 that stems from paymentrequest.py allowing the use of a file protocol URL file:// in the r parameter of a payment request. On Windows, this could lead to capturing credentials via SMB...
Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents
In 2018, Andrew Schober was digitally mugged for approximately $1 million worth of bitcoin. After several years of working with investigators, Schober says hes confident he has located two young men in the United Kingdom responsible for using a clever piece of digital clipboard-stealing malware t...
Fake wallet update steals 1400 Bitcoin ($16 million) from Electrum user
By Sudais Asif Github users have identified the wallets where the scammer has transferred stolen Bitcoin. This is a post from HackRead.com Read the original post: Fake wallet update steals 1400 Bitcoin $16 million from Electrum user...
Electrum Python Console Security Vulnerability
Electrum is a lightweight Bitcoin client software, and Python console is one of the Python console programs.A security vulnerability exists in the Python console in Electrum versions 2.9.4 and earlier, and versions 3.x through 3.0.5. The vulnerability can be exploited by an attacker to steal...