746 matches found
Arrests in Tap-to-Pay Scheme Powered by Phishing
Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through...
Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets
Microsoft is calling attention to a novel remote access trojan RAT named StilachiRAT that it said employs advanced techniques to sidestep detection and persist within target environments with an ultimate aim to steal sensitive data. The malware contains capabilities to "steal information from the...
StilachiRAT Exploits Chrome for Crypto Wallets and Credentials
StilachiRAT: Sophisticated malware targets crypto wallets & credentials. Undetected, it maps systems & steals data. Microsoft advises strong security measures...
SquareX Unveils Polymorphic Extensions that Morph Infostealers into Any Browser Extension – Password Managers, Wallets at Risk
Palo Alto, Singapore, 6th March 2025, CyberNewsWire...
CVE-2024-13724
The Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to increase their...
Crypto and Cybersecurity: The Rising Threats and Why Reliable Wallets Matter
Cybersecurity threats in crypto are rising, from the Bybit hack to fake wallets stealing funds. Learn how to…...
Hardware Crypto Wallets vs. Mobile vs. Desktop: Which Should You Choose?
Crypto wallets are essential in keeping your cryptocurrency safe. There are different types of wallets available and choosing…...
How Phished Data Turns into Apple & Google Wallets
Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovati...
New XCSSET Malware Variant Targeting macOS Notes App and Wallets
Microsoft warns Apple developers about a new XCSSET malware variant targeting macOS, posing security risks through stealthy infections…...
Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics
Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. "Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies,"...
Screenshot-Reading Malware
Kaspersky is reporting on a new type of smartphone malware. The malware in question uses optical character recognition OCR to review a device's photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment, infected Google Play apps have been downloaded more...
CVE-2025-24544
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dashed-slug.net Bitcoin and Altcoin Wallets wallets allows Reflected XSS.This issue affects Bitcoin and Altcoin Wallets: from n/a through = 6.3.1...
Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting Windows, macOS, and Linux operating systems. According to cybersecurity company Bitdefender, the scam...
CVE-2025-24544
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dashed-slug.net Bitcoin and Altcoin Wallets wallets allows Reflected XSS.This issue affects Bitcoin and Altcoin Wallets: from n/a through = 6.3.1...
CVE-2025-24544 WordPress Bitcoin and Altcoin Wallets plugin <= 6.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dashed-slug.net Bitcoin and Altcoin Wallets wallets allows Reflected XSS.This issue affects Bitcoin and Altcoin Wallets: from n/a through = 6.3.1...
CVE-2025-24544
CVE-2025-24544 affects WordPress plugin Bitcoin and Altcoin Wallets (versions prior to 6.3.1). The root cause is improper input neutralization during web page generation, enabling a Reflected XSS vulnerability. Practical impact (as described) is that an attacker could inject malicious scripts via...
WordPress plugin Bitcoin and Altcoin Wallets 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2025-5394 · Unknown · Alexandros Georgiou Bitcoin/Altcoin Wallets
Name of the Vulnerable Software and Affected Versions: Alexandros Georgiou Bitcoin and Altcoin Wallets versions prior to 6.3.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-site Scripting XSS attacks, specifically Reflecte...
Malicious code in arcus-cmd-utils (npm)
This package executes a base64-encoded script to download an Electron-based infostealer binary, aimed at exfiltrating cryptocurrency wallets, credentials, and other sensitive data. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware...
Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library
Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users' private keys with an aim to drain their cryptocurrency wallets. The attack has been detected in...