Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
CoinTelegraph

Truebit exploit exposes smart-contract flaw behind $26M token mint

Truebit lost $26 million after a smart-contract overflow bug let an attacker mint tokens at near-zero cost, sending the TRU price down 99%. A $26 million exploit of the offline computation protocol ...
Benzinga.com

Could AI Agents Exploit Ethereum, XRP, Solana? Anthropic Says It's Possible

AI firm Anthropic says its latest tests showed AI agents autonomously hacking top blockchains and draining simulated funds, signaling that automated exploits may now threaten blockchains like Ethereum ...
CoinDesk

Anthropic Research Shows AI Agents Are Closing In on Real DeFi Attack Capability

AI agents are getting good enough at finding attack vectors in smart contracts that they can already be weaponized by bad actors, according to new research published by the Anthropic Fellows program.
CoinDesk

Balancer Hit by Apparent Exploit as $110M in Crypto Moves to New Wallets

Balancer, a decentralized finance (DeFi) protocol with over $750 million in value locked, appears to have been hit by its biggest exploit yet, with on-chain data showing upward of $110 million in ...
Forbes

Ongoing Ransomware Attacks Exploit Linux Vulnerability, CISA Warns

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Admit it: the first thing you think of when ransomware is ...
Forbes

VMware Hacked As $150,000 Zero-Day Exploit Dropped

Pwn2Own hackers use $150,000 exploit on VMware ESXi. The elite hackers attending Pwn2Own in Berlin have made hacking history by successfully deploying a zero-day exploit against VMware ESXi. Having ...
Bleeping Computer

Fake LDAPNightmware exploit on GitHub spreads infostealer malware

A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. The ...
IndieWire

The Black List Celebrates 20 Years of Honoring Hollywood’s Favorite Unproduced Scripts: Check Out the 2024 Picks

"Bad Boy" writer Travis Braun tops the list for the second year in a row with "One Night Only." The yearly compilation of the “most liked” unproduced screenplays include 83 scripts by 91 writers. The ...
The Hill

Kentucky sues Express Scripts, alleging it helped fuel state’s opioid crisis

Kentucky’s attorney general is suing the pharmacy benefit manager (PBM) Express Scripts over its role in “worsening” the state’s opioid crisis. In the complaint filed in state court, Attorney General ...
Dark Reading

1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam

A researcher has released a proof-of-concept (PoC) exploit and analysis for a critical vulnerability, tracked as CVE-2024-40711, used in Veeam's backup and replication software. As an unauthenticated ...
CNBC

Express Scripts sues FTC over drug pricing report

Pharmacy benefit manager Express Scripts sued the U.S. Federal Trade Commission on Tuesday over the regulator's recent drug pricing report, calling the report's conclusion that the prescription ...