New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems. The malware has been found to conceal itself within seemingly benign apps, su...

Malicious code in hardhat-configs (npm)

This package exfiltrates sensitive Ethereum-related data such as mnemonics and private keys to an attacker-controlled server. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98317ddb2bbad731c7576eb5f64b3a91f7e6f7bd135fa5ef05b7a2ad3da15992 Any computer that has this...

Malicious code in @nomicsfondation/hardhat-configs (npm)

This package exfiltrates sensitive Ethereum-related data such as mnemonics and private keys to an attacker-controlled server. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 72a47b5bdfeac96982433856ac791ab0638f2d6f64f388ceb2a284f35597c37a Any computer that has this...

MAL-2025-626 Malicious code in hardhat-configs (npm)

This package exfiltrates sensitive Ethereum-related data such as mnemonics and private keys to an attacker-controlled server. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98317ddb2bbad731c7576eb5f64b3a91f7e6f7bd135fa5ef05b7a2ad3da15992 Any computer that has this...

Freighter 信息泄露漏洞

Freighter is an extension to Stellar open source. An information disclosure vulnerability exists in Freighter 5.3.1 and earlier versions, which stems from a vulnerability that allows an attacker to access mnemonics via a private API using Javascript...

Trust Wallet Core 安全特征问题漏洞

Trust Wallet Core is an open source, cross-platform, mobile-centric library from Trust Wallet, Inc. A security vulnerability exists in Trust Wallet Core versions prior to 3.1.1, Trust Wallet browser extension prior to 0.0.183, which stems from mt19937 Mersenne Twister uses a single 32-bit value a...

Coinkite Coldcard MK1 and Coldcard MK2 Information Disclosure Vulnerabilities

The Coinkite Coldcard MK1 and Coldcard MK2 are both hardware-based bitcoin wallet devices from Coinkite, Inc. An information disclosure vulnerability exists in Coinkite Coldcard MK1 and Coldcard MK2. An attacker could exploit the vulnerability to recover sensitive data, such as PIN and BIP39...

PT-2019-13639

Name of the Vulnerable Software and Affected Versions Hyundai Pay Kasse HK-1000 devices affected versions not specified Description A side channel was discovered related to the row-based OLED display on the devices. The power consumption of each display cycle varies based on the number of...

[SECURITY] Fedora 25 Update: nasm-2.13.01-3.fc25

NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax...