exploit

Bugs in Gains Network fork let traders profit 900% on every trade: Report

cybersecurity, exploit, gains, gains network, holdstation, holdstation exchange, integer overflow, krav, krav trade, zellic /

Bugs in Gains Network fork let traders profit 900% on every trade: Report 2024-05-10 at 00:05 By Cointelegraph by Christopher Roark An attacker could have placed a limit buy order with an arbitrarily high open price to automatically win every trade, the Zellic security platform discovered. This article is an excerpt from Cointelegraph.com News View […]

React to this headline:

Loading spinner

Bugs in Gains Network fork let traders profit 900% on every trade: Report Read More »

Kronos Research hacker shifts funds to Tornado Cash

Crypto, Ethereum, etherscan, exploit, Funds, hacker, Kronos Research, laundering, PeckShield, Tornado Cash /

Kronos Research hacker shifts funds to Tornado Cash 2024-05-07 at 11:01 By Cointelegraph by Prashant Jha Kronos Research was exploited for $25 million in November last year, and one of the six wallets linked to the hacker started moving funds to Tornado Cash on May 7. This article is an excerpt from Cointelegraph.com News View

React to this headline:

Loading spinner

Kronos Research hacker shifts funds to Tornado Cash Read More »

GNUS Discord hack causes $1.27M in losses

AI, Discord, exploit, genius, gnus, hack /

GNUS Discord hack causes $1.27M in losses 2024-05-06 at 22:04 By Cointelegraph by Christopher Roark The attacker was able to view team members’ private Discord messages, allowing them to gain access to the team’s wallet address and mint 100 million fake tokens. This article is an excerpt from Cointelegraph.com News View Original Source React to

React to this headline:

Loading spinner

GNUS Discord hack causes $1.27M in losses Read More »

Hundred Finance hacker moves stolen assets a year after $7M exploit

blockchain security, CertiK, crypto assets, Crypto hack, Cryptocurrency, Decentralized Finance, DeFi, Ethereum, exploit, flash loan attack, hacker, Hundred Finance, loss, PeckShield, security breach /

Hundred Finance hacker moves stolen assets a year after $7M exploit 2024-05-02 at 15:01 By Cointelegraph by Ezra Reguerra The hacker holds about $4.3 million in various crypto assets in their Ethereum wallet. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Loading spinner

Hundred Finance hacker moves stolen assets a year after $7M exploit Read More »

Pike Finance clarifies ‘USDC vulnerability’ statement on $1.6M exploit

arbitrum, cctp, Circle, Cross-Chain Transfer Protocol, crypto hacks, crypto security, DeFi news, DeFi Protocol, Ethereum, exploit, Optimism, Pike, security breach, smart contract, USDC vulnerability /

Pike Finance clarifies ‘USDC vulnerability’ statement on $1.6M exploit 2024-05-02 at 11:01 By Cointelegraph by Ezra Reguerra Pike highlighted that the exploit occurred due to their team’s inadequate integration of third-party technologies such as the CCTP or Gelato Network’s automation services. This article is an excerpt from Cointelegraph.com News View Original Source React to this

React to this headline:

Loading spinner

Pike Finance clarifies ‘USDC vulnerability’ statement on $1.6M exploit Read More »

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades

Don't miss, exploit, firewall, Hot stuff, News, Palo Alto Networks, PoC /

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades 2024-04-30 at 15:47 By Zeljka Zorz There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are “not aware at this time of any malicious attempts to

React to this headline:

Loading spinner

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades Read More »

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)

0-day, APT, CVE, cyber espionage, Don't miss, exploit, Hot stuff, Microsoft, News, Windows /

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) 2024-04-23 at 17:01 By Zeljka Zorz For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a

React to this headline:

Loading spinner

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) Read More »

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)

Censys, CrowdStrike, CrushFTP, CVE, Don't miss, enterprise, exploit, FTP, Hot stuff, News /

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040) 2024-04-23 at 13:01 By Zeljka Zorz A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system files (i.e., configuration files), but only if

React to this headline:

Loading spinner

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040) Read More »

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

Don't miss, enterprise, exploit, firewall, GreyNoise, Hot stuff, News, Palo Alto Networks, PoC, security update, TrustedSec, Volexity, vulnerability, WatchTowr /

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation 2024-04-17 at 12:31 By Zeljka Zorz While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be as easy a disabling the devices’ telemetry, it has now been comfirmed that this mitigation is ineffectual. “Device telemetry does not need to be

React to this headline:

Loading spinner

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation Read More »

CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks

Don't miss, exploit, firewall, Hot stuff, News, Palo Alto Networks, Volexity, vulnerability /

CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks 2024-04-12 at 22:16 By Zeljka Zorz Earlier today, Palo Alto Networks revealed that a critical command injection vulnerability (CVE-2024-3400) in the company’s firewalls has been exploited in limited attacks and has urged customers with vulnerable devices to quickly implement mitigations and workarounds. Palo Alto

React to this headline:

Loading spinner

CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks Read More »

Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)

Don't miss, exploit, firewall, Hot stuff, News, Palo Alto Networks, Volexity, vulnerability /

Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) 2024-04-12 at 10:46 By Zeljka Zorz Attackers are exploiting a command injection vulnerability (CVE-2024-3400) affecting Palo Alto Networks’ firewalls, the company has warned, and urged customers to implement temporary mitigations and get in touch to check whether their devices have been compromised. “Palo Alto Networks is

React to this headline:

Loading spinner

Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) Read More »

Critical D-Link NAS vulnerability under active exploitation 

exploit, vulnerability /

Critical D-Link NAS vulnerability under active exploitation  2024-04-11 at 14:31 By neetha871ad236bd Cyble Global Sensor Intelligence observed active exploitation of critical D-Link Vulnerability  Recently, the security community has raised concerns regarding the vulnerabilities found in D-Link Network Attached Storage (NAS) devices. The vulnerabilities, identified as CVE-2024-3272 and CVE-2024-3273 were disclosed initially by an individual who

React to this headline:

Loading spinner

Critical D-Link NAS vulnerability under active exploitation  Read More »

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits

exploit, Featured, Vulnerabilities /

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits 2024-04-08 at 15:46 By Ionut Arghire Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days. The post Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits Read More »

How malicious email campaigns continue to slip through the cracks

Cofense, communication, cybersecurity, Don't miss, Email, exploit, Hot stuff, phishing, QR codes, Video, vishing /

How malicious email campaigns continue to slip through the cracks 2024-04-08 at 07:01 By Help Net Security In this Help Net Security video, Josh Bartolomie, VP of Global Threat Services at Cofense, discusses how email will remain a target as long as it remains the predominant form of communication within a business. Cofense researchers have

React to this headline:

Loading spinner

How malicious email campaigns continue to slip through the cracks Read More »

Telegram trading bot Solareum shutters days after $520K exploit

exploit, sol, Solana, Solareum, Telegram, trading bot, wallet drainer /

Telegram trading bot Solareum shutters days after $520K exploit 2024-04-02 at 10:01 By Cointelegraph by Martin Young The team cited insufficient funds, evolving market trends, and a recent security breach for its closure. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Loading spinner

Telegram trading bot Solareum shutters days after $520K exploit Read More »

Prisma Finance says $540K still at risk, hacker demands team reveal themselves

attack, exploit, Loan, Onchain Message, Onchain Proposal, Prisma Finance, Smart Contract Vulnerability, Trove /

Prisma Finance says $540K still at risk, hacker demands team reveal themselves 2024-04-01 at 05:02 By Cointelegraph by Brayden Lindrea The decentralized borrowing protocol said there were still 14 accounts that have yet to revoke the affected smart contract that caused $11.6 million to be exploited last week. This article is an excerpt from Cointelegraph.com

React to this headline:

Loading spinner

Prisma Finance says $540K still at risk, hacker demands team reveal themselves Read More »

Zero-day exploitation surged in 2023, Google finds

0-day, APT, cybercrime, Don't miss, exploit, Google, Hot stuff, Mandiant, News, spyware /

Zero-day exploitation surged in 2023, Google finds 2024-03-28 at 17:17 By Zeljka Zorz 2023 saw attackers increasingly focusing on the discovery and exploitation of zero-day vulnerabilities in third-party libraries (libvpx, ImagelO) and drivers (Mali GPU, Qualcomm Adreno GPU), as they can affect multiple products and effectively offer more possibilities for attack. Another interesting conclusion from

React to this headline:

Loading spinner

Zero-day exploitation surged in 2023, Google finds Read More »

Hacker mints 1B tokens in $16M Curio smart contract exploit

Curio, exploit, hack /

Hacker mints 1B tokens in $16M Curio smart contract exploit 2024-03-26 at 14:02 By Cointelegraph by Ezra Reguerra Curio said it will conduct a fund compensation program for affected liquidity providers, which could potentially take up to one year to complete. This article is an excerpt from Cointelegraph.com News View Original Source React to this

React to this headline:

Loading spinner

Hacker mints 1B tokens in $16M Curio smart contract exploit Read More »

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware

Don't miss, exploit, Hot stuff, JetBrains, Malware, News, Ransomware, Remote Access Trojan, Trend Micro, vulnerability /

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware 2024-03-21 at 12:01 By Helga Labus Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-2024-27198, an authentication bypass vulnerability affecting the TeamCity

React to this headline:

Loading spinner

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware Read More »

$200,000 Awarded at Pwn2Own 2024 for Tesla Hack

exploit, Featured, IoT Security, Pwn2Own, Tesla, Vulnerabilities /

$200,000 Awarded at Pwn2Own 2024 for Tesla Hack 2024-03-21 at 11:46 By Eduard Kovacs Participants earned a total of $732,500 on the first day of Pwn2Own Vancouver 2024 for hacking a Tesla, operating systems, and other software. The post $200,000 Awarded at Pwn2Own 2024 for Tesla Hack appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

$200,000 Awarded at Pwn2Own 2024 for Tesla Hack Read More »

Scroll to Top