MAL-2026-4218 Malicious code in solidity-deploy-guard (npm)

A coordinated supply-chain attack comprising 10 npm packages published by maintainer ddjidd5640 [email protected] within a 48-hour window 2026-05-19T03:55Z – 2026-05-21T04:31Z. All packages masquerade as legitimate Web3/DeFi developer security tools MCP servers while silently exfiltrating...

Malicious code in svchost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a56926028e7e253a1ffb3ba27d6514a5cbc6b23964d7e1094846a895dd322656 Code exfiltrates sensitive crypto wallet's files and sets up a keylogger trying to catch the password to the wallet --- Category: MALICIOUS - The campaign has...

Malicious code in pckg-sv (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2ae45d504dadccaa437ebeaa729136ca7b38074149772b076c7abb34ab1e81f4 Code exfiltrates sensitive crypto wallet's files and sets up a keylogger trying to catch the password to the wallet --- Category: MALICIOUS - The campaign has...

A New Ransomware Targeting Apple macOS Users Through Pirated Apps

Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps. According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant — dubbed "EvilQuest " — is...

Seized $3.5 Million worth Bitcoins from Silk Road will be deposited in the U.S. Treasury

Ross Ulbricht, the recently arrested mastermind behind Silk Road, appeared in court yesterday where his lawyer begged for more time before the detention hearing. As the Protective Order states, The United States is further authorized to seize any and all Bitcoins contained in wallet files residin...

CVE-2011-4447

The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly interact with the deletion functionality of BSDDB, which allows context-dependent attackers to obtain unencrypted private keys from Bitcoin wallet files by bypassing the BSDDB interface and...

CVE-2011-4447

The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly interact with the deletion functionality of BSDDB, which allows context-dependent attackers to obtain unencrypted private keys from Bitcoin wallet files by bypassing the BSDDB interface and...