Beware! Hacker Group Lazarus Deploys Malware Packages on npm Platform; SolarWinds Helpdesk Vulnerability Exposed: Attackers Can Decrypt Sensitive Passwords – Security Bull
A recent security report highlights multiple cyber threats, including the discovery of six malicious npm packages linked to the Lazarus hacker group, which are designed to steal sensitive credentials and deploy malware. Additionally, a serious vulnerability in SolarWinds’ web help desk has been uncovered, allowing attackers to decrypt sensitive credentials.…
Garantex crypto exchange admin arrested while on vacation
Summary: Indian authorities arrested Aleksej Besciokov, co-founder of the Russian Garantex crypto-exchange, under extradition law while he was on vacation in Varkala. Besciokov and his co-founder face charges in the U.S. for facilitating money laundering and other criminal activities through their exchange. Garantex has been implicated in significant illegal financial activities, leading to the seizure of its domains and the freezing of over million in funds.…
North Korean Lazarus hackers infect hundreds via npm packages
Summary: Six malicious npm packages linked to the North Korean hacking group Lazarus have been discovered, designed to steal credentials and extract sensitive information. These packages, which have been downloaded 330 times, employ typosquatting tactics to mislead developers into installing them. Their malicious capabilities include the installation of backdoors and targeted cryptocurrency wallet thefts.…
⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact
Summary: The evolving landscape of cyber threats raises critical concerns around cybersecurity resilience, particularly as state-sponsored groups and new ransomware tactics emerge. Notable events this week include charges against Chinese nationals for hacking and the dismantling of Garantex, a cryptocurrency exchange linked to money laundering. This edition explores the complexities of modern cyber threats and ongoing countermeasures by global law enforcement.…
Cybersecurity News Review — Week 10 (2025)
The latest cybersecurity newsletter highlights vulnerabilities and attacks involving multiple platforms including VMware, Microsoft, Google, and more. Key updates include the patching of critical zero-day vulnerabilities, ransomware attacks, and the rise of sophisticated malware targeting various industries. The report emphasizes the importance of cybersecurity measures to protect sensitive data and infrastructure.…
US seizes  million in crypto stolen via password manager breach
Summary: U.S. authorities have seized over million in cryptocurrency linked to a 0 million theft from a Ripple wallet, believed to be executed by hackers who previously breached LastPass. Investigators traced the stolen funds to multiple cryptocurrency exchanges, using evidence that the theft was facilitated by compromised private keys from stolen password vault data.…
US Seize Garantex in Cryptocurrency Money Laundering Bust
Summary: The US Justice Department seized the online infrastructure of Garantex, a cryptocurrency exchange involved in significant money laundering and sanctions violations. Alongside the shutdown, two individuals were indicted for their roles in facilitating these illicit activities, including laundering billions in cryptocurrency transactions. The operation also saw international law enforcement collaboration to freeze funds and control servers linked to Garantex’s operations.…
US charges Garantex admins with money laundering, sanctions violations
Summary: The U.S. has charged Garantex crypto-exchange administrators with money laundering and violating sanctions, accusing them of laundering over billion since 2019 for criminal organizations. U.S. authorities have seized Garantex’s domains, servers, and frozen substantial funds linked to these illicit activities. The exchange has temporarily suspended operations following measures by Tether to block its digital wallets due to EU sanctions.…
U.S. Secret Service Seizes Russian Garantex Crypto Exchange Website
Summary: A coalition of international law enforcement agencies has seized the Garantex cryptocurrency exchange website, following its prior sanctions by the U.S. Treasury Department for facilitating illicit transactions. The operation involved several major law enforcement organizations, including the FBI and Europol, highlighting ongoing efforts against fraudulent crypto activities.…
Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole .5 Billion in Bybit Heist
Summary: Safe{Wallet} disclosed details about a sophisticated cyberattack on Bybit, attributed to state-sponsored North Korean hackers. The attackers employed advanced social engineering techniques to compromise a developer’s machine and hijack AWS session tokens, enabling them to conduct covert operations. The incident highlights serious security vulnerabilities in the cryptocurrency industry, which faces record losses from hacks in 2025.…
Russian crypto exchange Garantex’s website taken down in apparent law enforcement operation
Summary: U.S. and European law enforcement have seized the domain of the Russian cryptocurrency exchange Garantex amid allegations of its involvement in circumventing sanctions and facilitating cybercrime. This action followed Garantex’s announcement of million worth of assets being frozen by the cryptocurrency firm Tether. The exchange has been linked to illicit activities and has gained notoriety in the Russian crypto market since its founding in 2019.…
Unveiling EncryptHub: Analysis of a Multi-Stage Malware Campaign
EncryptHub, a notable cybercriminal organization, has gained increasing attention from threat intelligence teams due to its operational security missteps. These lapses have allowed analysts to gain insights into their tactics and infrastructure. The report details EncryptHub’s multi-stage attack chains, trojanized application distribution strategies, and their evolving killchain, making them a significant threat in the cyber landscape.…
Sendai Vulnlab – ESC4 & ReadGMSAPassword for AD Domination
In the latest round of Active Directory exploitation, Maverick dives into the Sendai machine, showcasing vulnerabilities in Active Directory Certificate Services, password management, and SMB enumeration. Through strategic techniques such as password spraying and privilege escalation, an impressive path to Domain Admin is laid out, emphasizing the importance of enumeration and awareness of misconfigurations in AD environments.…
Malicious Chrome extensions can spoof password managers in new attack
Summary: A new “polymorphic” attack allows malicious Chrome extensions to disguise themselves as legitimate ones, such as password managers, to steal sensitive information. Devised by SquareX Labs, the attack can manipulate installed extensions and employ phishing tactics to capture user credentials. SquareX has disclosed the attack to Google, urging protective measures against this serious security threat.…