Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
An exploit of the Secret Network went undiscovered for a week as the hacker moved the loot into Ethereum and then to exchanges. An attacker has used an “infinite mint” bug in a vulnerable smart ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
An exposed WP-SHELLSTORM server revealed tools, logs, cloud credentials, and thousands of webshells used in a large website ...
Citrix NetScaler received patches for another memory leak vulnerability similar to CitrixBleed, as well as memory overflow, file read and denial-of-service issues ...
Approximately $4.67 million worth of tokens were drained from Secret Network after an attacker exploited an ICS-20-based smart contract used to facilitate cross-chain transfers, according to Axelar’s ...
IBM and Red Hat have launched Lightwell to automate vulnerability remediation across enterprise open-source software ...
JadePuffer, a ransomware operation, used an AI agent to carry out much of the intrusion chain from reconnaissance, key theft, ...
(MENAFN- Crypto Breaking) An attacker exploited an“infinite mint” vulnerability in a smart contract on Secret Network to create wrapped versions of Axelar-backed assets without the normal backing.
Ethereum gossipsub vulnerability CVE-2026-34219 lets any unauthenticated peer crash a validator with a single crafted PRUNE ...
New activity targets CVE‑2026‑20230, an SSRF bug that can allow unauthenticated file writes and potential root‑level access on vulnerable systems. A critical Cisco Unified CM vulnerability is now ...