8 matches found
MAL-2024-10686 Malicious code in waletconnect (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88e6af7f36fb8505de18383cc5fa7a8823640c17a31787bac7cab99b4e788cc8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign
Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months. The dodgy app, identified by Check Point, masqueraded as the...
First Mobile Crypto Drainer on Google Play Steals $70K from Users
A malicious app disguised as a legitimate WalletConnect tool targeted mobile users on Google Play. The app stole…...
@jup-ag/core (>=3.0.0-beta.0 <=3.0.0-beta.8-eacba78), @jup-ag/react-hook (>=3.0.0-beta.0 <=3.0.0-beta.8-eacba78) +7 more potentially affected by CVE-2024-30253 via @solana/web3.js (>=1.63.0 <=1.63.1)
@solana/web3.js NPM version =1.63.0, =3.0.0-beta.0, =3.0.0-beta.0, =0.0.1-0d5b39f4.0, =0.0.1-0f199db9.0, =4.0.0-maple-1, =0.1.0, =1.4.8, =1.0.0, =1.7.1-alpha.4 Source cves: CVE-2024-30253 Source advisory: OSV:GHSA-8M45-2RJM-J347...
@convexitydmcc/wallet-adapter-walletconnect (>=2.0.0-beta.26 <=2.0.0-rc.5), @renec-foundation/gasless-sdk (>=0.2.3 <=0.2.6) +1 more potentially affected by CVE-2024-30253 via @solana/web3.js (=1.48.0)
@solana/web3.js NPM version =1.48.0 is affected by a known vulnerability. The following packages have a transitive dependency on @solana/web3.js and may be impacted: - @convexitydmcc/wallet-adapter-walletconnect =2.0.0-beta.26, =0.2.3, =3.0.0, =6.3.0-profits-mercurial-rc8 Source cves:...
Malicious code in walletconnect-website (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8fedf1a7e034f6d4d96967609e8df064c5c028c14788047985c72051e2e6ab55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8119 Malicious code in walletconnect-website (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8fedf1a7e034f6d4d96967609e8df064c5c028c14788047985c72051e2e6ab55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
@aprilsacil/wallet (>=0.1.36 <=0.1.51), @chainfuse/react (>=0.0.46 <=0.1.0-dev.96) +40 more potentially affected by CVE-2023-30543 via @web3-react/walletconnect (>=8.0.23-beta.0 <=8.0.36-beta.0)
@web3-react/walletconnect NPM version =8.0.23-beta.0, =0.1.36, =0.0.46, =0.0.70, =1.0.0, =0.0.1, =1.0.0, =0.0.1, =1.1.0, =0.0.3, =1.0.0, =0.0.6-alpha.0, =0.0.12 - @huma-finance/widgets =0.0.6-alpha.0 - @huma-shan/shared =0.0.1 and more Source cves: CVE-2023-30543 Source advisory:...