PT-2025-31716 · Npm · @Account-Kit/Smart-Contracts

Impact A potential security issue has been mitigated on old account deployment functions from the factory. Smart wallets in use on all existing supported networks are not impacted. Patches Please direct creation of new wallets to either createSemiModularAccount on AccountFactory.sol or...

Alchemy Non-SMA and Webauthn Account Security Advisory

A potential security issue has been mitigated on old account deployment functions from the factory. Smart wallets in use on all existing supported networks are not impacted...

EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware

The financially motivated threat actor known as EncryptHubaka LARVA-208 and Water Gamayun has been attributed to a new campaign that's targeting Web3 developers to infect them with information stealer malware. "LARVA-208 has evolved its tactics, using fake AI platforms e.g., Norlax AI, mimicking...

How an Email, Crypto Wallet and YouTube Activity Led the FBI to IntelBroker

FBI tracked IntelBroker as UK’s Kai West using an email address, crypto trails, YouTube activity and forum posts after dozens of high-profile data breaches and darknet activity...

Over 20 Malicious Apps on Google Play Target Users for Seed Phrases

Over 20 malicious apps on Google Play are stealing crypto seed phrases by posing as trusted wallets and exchanges, putting users' funds at risk...

Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens, once again demonstrating the variety of supply chain threats lurking in...

Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets

A growing number of malicious campaigns have leveraged a recently discovered Android banking trojan called Crocodilus to target users in Europe and South America. The malware, according to a new report published by ThreatFabric, has also adopted improved obfuscation techniques to hinder analysis...

Compact and Selective Disclosure for Verifiable Credentials

Self-Sovereign Identity SSI is a novel identity model that empowers individuals with full control over their data, enabling them to choose what information to disclose, with whom, and when. This paradigm is rapidly gaining traction worldwide, supported by numerous initiatives such as the European...

MAL-2025-191728 Malicious code in fernets (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 95fc75ed8a4cfcccc988b2241772effbc15eb3700a6a96f3183981a1b4c7fba7 If imported, the module starts a multi-stage infostealer, exfiltrating browser data as well as crypto wallets, and also attempts to monitor clipboard looking f...

Lazarus Group Targets Crypto-Wallets and Financial Data While Employing New Tradecrafts

This report presents a comprehensive analysis of a malicious software sample, detailing its architecture, behavioral characteristics, and underlying intent. Through static and dynamic examination, the malware core functionalities, including persistence mechanisms, command-and-control communicatio...

CVE-2022-3995

The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is due to insufficient validation of the user-controlled key on the lockunlockterawallet AJAX action. This makes it possible for authenticated attackers, with...

CVE-2020-14199

BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee. NOTE: this affects all hardware wallets. It was fixed in 1.9.1 for the...

CVE-2019-19771

The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have been installed by persons who mistyped the lodash package name. In particular, the Trojan horse finds and exfiltrates cryptocurrency wallets...

FrigidStealer Malware Hits macOS Users via Fake Safari Browser Updates

FrigidStealer malware targets macOS users via fake browser updates, stealing passwords, crypto wallets, and notes using DNS-based data…...

LockBit’s Dark Web Domains Hacked, Internal Data and Wallets Leaked

LockBit’s dark web domains were hacked, exposing internal data, affiliate tools, and over 60,000 Bitcoin wallets in a…...

CVE-2025-32965

xrpl.js is a JavaScript/TypeScript API for interacting with the XRP Ledger in Node.js and the browser. Versions 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of xrpl.js were compromised and contained malicious code designed to exfiltrate private keys. Version 2.14.2 is also malicious, though it is less likely t...

CVE-2025-32965 Compromised xrpl.js versions 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2

xrpl.js is a JavaScript/TypeScript API for interacting with the XRP Ledger in Node.js and the browser. Versions 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of xrpl.js were compromised and contained malicious code designed to exfiltrate private keys. Version 2.14.2 is also malicious, though it is less likely t...

WalletProbe: a Testing Framework for Browser-Based Cryptocurrency Wallet Extensions

Serving as the first touch point for users to the cryptocurrency world, cryptocurrency wallets allow users to manage, receive, and transmit digital assets on blockchain networks and interact with emerging decentralized finance DeFi applications. Unfortunately, cryptocurrency wallets have always...

China-based SMS Phishing Triad Pivots to Banks

China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called "Smishing Triad " mainly impersonated toll road operators and shipping companies. But experts say these groups a...

Top Crypto Wallets of 2025: Balancing Security and Convenience

Crypto software wallets are invincible in the micro range. If you own multiple crypto assets, you need safe and reliable wallets, too...