24 matches found
Malicious code in polymarket-ai-agent (npm)
A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...
Malicious code in web3-py-checksum (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4b2052172f5c854b2e91f6bdc9336a97469cd161372621a1880d9cd1e3ad426a The code silently exfiltrates the private key of a crypto account. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
FakeWallet crypto stealer spreading through iOS apps in the App Store
In March 2026, we uncovered more than twenty phishing apps in the Apple App Store masquerading as popular crypto wallets. Once launched, these apps redirect users to browser pages designed to look similar to the App Store and distributing trojanized versions of legitimate wallets. The infected ap...
CVE-2025-64122
CVE-2025-64122 describes an Insufficiently Protected Credentials vulnerability in the Nuvation Energy Multi-Stack Controller (MSC) that enables Signature Spoofing via Key Theft. Affected product: MSC versions up to and including 2.5.1. Root cause and impact are limited to credentials protection a...
EUVD-2024-3483
Malicious code in bioql PyPI...
CVE-2024-54134
A publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds from dapps, like bots,...
Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users' private keys. The malicious activity has been found to affect five different versions of the package:...
Malicious Package
@solana/web3.js is a Malicious Package allowing an attacker to steal private key material and drain funds from applications directly handling private keys...
SUSE CVE-2021-3798
A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when CDeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack...
The owner can swap the proxy implementation with a malicious one
Lines of code Vulnerability details The owner of VRFNFTRandomDrawFactory.sol could swap the current implementation with a malicious one at any moment, without a waiting period. Impact The worse case scenario is one in which the private key of the contract owner gets stolen. In this case the owner...
Design/Logic Flaw
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022...
profanity 安全特征问题漏洞
profanity is an ethereum vanity address generator from BlackTrace Personal Developers. A security vulnerability exists in profanity versions 1.60 and earlier, which stems from the fact that it has only 4 billion possible RNG initializations leading to an attacker being able to recover private key...
nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function
A side-channel flaw was found in NSS, in the way P-384 and P-521 curves are used in the generation of EDSA signatures, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this...
nss: Side channel attack on ECDSA signature generation
A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDS...
nss: ECDSA timing attack mitigation bypass
A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDS...
nss: Side channel attack on ECDSA signature generation
A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDS...
nss: ECDSA timing attack mitigation bypass
A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDS...
GHSA-9X64-5R7X-2Q53 Malicious Package in flatmap-stream
Version 0.1.1 of flatmap-stream is considered malicious. This module runs an encrypted payload targeting a very specific application, copay and because they shared the same description it would have likely worked for copay-dash. The injected code: - Read in AES encrypted data from a file disguise...
OpenSSL Vulnerabilities 16-Apr-2018 and 12-Jun-2018
SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A malicious SSL/TLS server can send large DH parameters during connections using DH/DHE cipher suites and cause denial-of-service in the SSL/TLS client. A local attacker can...
KICKICO Hacked: Cybercriminal Steals $7.7 Million from ICO Platform
Again some bad news for cryptocurrency users. KICKICO, a blockchain-based initial coin offering ICO support platform, has fallen victim to a suspected cyber attack and lost more than 70 million KICK tokens or KickCoins worth an estimated $7.7 million. In a statement released on its Medium post on...