Latest News
Affected versions allow populating a DistributedSlice of T with elements of an arbitrary other type that coerces to T. For example, elements of type `&&str` could end up in a slice of type `[&str]`, since `&&str` coerces to `&str` via a deref coercion. The flaw was corrected by implementing typechecking for distributed slice elements in such a way that coercion no longer occurs. The element's type must be a subtype of the slice's declared element type.
SUMMARY Veeam, a leading provider of backup, recovery, and data management solutions, has issued urgent security updates to…
Earlier today, a publish-access account was compromised for `@solana/web3.js`, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds from dapps, like bots, that handle private keys directly. This issue should not affect non-custodial wallets, as they generally do not expose private keys during transactions. This is not an issue with the Solana protocol itself, but with a specific JavaScript client library and only appears to affect projects that directly handle private keys and that updated within the window of 3:20pm UTC and 8:25pm UTC on Tuesday, December 3, 2024. These two unauthorized versions (1.95.6 and 1.95.7) were caught within hours and have since been unpublished. We are asking all Solana app developers to upgrade to version 1.95.8. Developers pinned to `latest` should also upgrade to 1.95.8. Developers that suspect t...
The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022. The activity, first observed in December 2022, is the latest instance of the nation-state adversary "embedding
The mobile device security firm iVerify has been offering a tool since May that makes spyware scanning accessible to anyone—and it’s already turning up victims.
In a letter to the Department of Defense, senators Ron Wyden and Eric Schmitt are calling for an investigation into fallout from the Salt Typhoon espionage campaign.
INC Ransom, a Russian-leanguage ransomware group has claimed responsibility for the ransomware attack on two NHS, hospitals.
The value of cryptocurrencies is going through the roof, so the scammers are even more interested in your funds
Western authorities say they’ve identified a network that found a new way to clean drug gangs’ dirty cash. WIRED gained exclusive access to the investigation.
Secure your cryptocurrency with key cybersecurity strategies. Safeguard your digital assets from hacks, scams, and vulnerabilities using hardware…