Tag: cryptocurrency

Threat Landscape Roundup: Zero-Day Surge, State Actor Campaigns, and Multi-Million Dollar Fraud Operations

Google's threat intelligence reveals 90 zero-day vulnerabilities were actively exploited in 2025, with nearly half targeting enterprise infrastructure. Concurrently, state-sponsored groups continue targeting telecommunications providers while cybercriminals execute multi-million dollar fraud schemes through business email compromise and cryptocurrency theft.

Mar 6, 2026BleepingComputer, Cisco Talos, Malwarebytes Labs, SecureList (Kaspersky)

zero-dayaptmalware

🇺🇸Google

criticalMalware & Threats

Critical VMware RCE Exploited, Major Breaches Hit LexisNexis and AkzoNobel

CISA confirmed active exploitation of a VMware Aria Operations RCE vulnerability, adding it to the KEV catalog. Major data breaches impacted LexisNexis and AkzoNobel, while threat actors continue leveraging OAuth flows and compromised infrastructure for attacks.

Mar 4, 2026BleepingComputer, Graham Cluley, Checkpoint Research, Malwarebytes Labs, SecureList (Kaspersky)

vmwarecisa-kevdata-breach

🏴Play

🇺🇸LexisNexis🇺🇸Meta Platforms🇺🇸Google

mediumData Breaches & Incidents

Korean Tax Agency Accidentally Exposes Seized Wallet Seed, Enables $4.8M Theft

South Korea's National Tax Service inadvertently exposed a seized cryptocurrency wallet's mnemonic recovery phrase in an official press release. Attackers quickly exploited this exposure to drain 6.4 billion won ($4.8 million) worth of cryptocurrency from the wallet.

Mar 1, 2026BleepingComputer

operational-securitycryptocurrencygovernment-breach

highVulnerabilities & Exploits

Supply Chain Worms and State-Sponsored Malware: Weekend Threat Roundup

Active npm supply chain worm harvests crypto keys and CI secrets while Iranian APT MuddyWater deploys new malware targeting MENA organizations in coordinated campaign.

Feb 23, 2026The Hacker News, SANS ISC

supply-chainnpmmalware

🇮🇷MuddyWater🇷🇺Sandworm

mediumMalware & Threats

ClickFix Campaign Expands to Target Cryptocurrency Wallets and 25+ Browsers

CyberProof researchers document ClickFix operation's expansion into cryptocurrency theft, using fake captchas to deploy infostealers across 25+ browsers and MetaMask wallets.

Feb 22, 2026Hackread

infostealerclickfixcryptocurrency