Cryptocurrency

Security researchers uncover ClawHavoc campaign distributing Atomic Stealer through fake cryptocurrency and productivity tools on ClawHub marketplace.

Attackers exploited a validation flaw to send spoofed cross-chain messages and unlock tokens across Ethereum, Arbitrum, and six other networks.

DPRK hackers stole $2B in cryptocurrency in 2025 alone. Understanding Lazarus Group's operations helps defend against state-sponsored financial theft.

North Korean APT-Q-1 now combines fraudulent cryptocurrency job postings with ClickFix social engineering to deploy GolangGhost backdoor and BeaverTail stealer.

First macOS-focused wave of GlassWorm malware discovered on Open VSX marketplace, stealing cryptocurrency wallets, Keychain passwords, and developer credentials through trojanized extensions.

Cryptocurrency hardware wallet maker Ledger confirms customer data exposed after third-party payment processor Global-e suffers cloud system breach.

Popular text editor's download page was hijacked for four days in December, serving trojanized installers that steal browser credentials and crypto wallets.

The self-propagating VS Code extension worm now replaces Ledger Live and Trezor Suite with trojanized versions. Russian-speaking operators behind campaign.

Attackers pushed malicious update v2.68 to Chrome Web Store using leaked API key. Hundreds affected as seed phrases harvested via embedded analytics library.

Russian-developed infostealer now production-ready after December 16 release, targets browser credentials, crypto wallets, and messaging apps for $175/month.

DPRK-affiliated threat actors dominated crypto theft in 2025, accounting for 76% of exchange compromises with cumulative theft now exceeding $6.75 billion.