Security News
Damage likely limited to those running bots with private key access Malware-poisoned versions of the widely used JavaScript library @solana/web3.js were distributed via the npm package registry,...
Cybersecurity researchers have discovered a new malicious package on the Python Package Index repository that masquerades as a library from the Solana blockchain platform but is actually designed to steal victims' secrets. "The legitimate Solana Python API project is known as 'solana-py' on GitHub, but simply 'solana' on the Python software registry, PyPI," Sonatype researcher Ax Sharma said in a report published last week.
Did you know it’s now possible to build blockchain applications, known also as decentralized applications (or “dApps” for short) in native Python? Blockchain development has traditionally required...
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
The U.S. Department of Justice has indicted two brothers for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds in a "First-of-its-kind" scheme. "The brothers, who studied computer science and math at one of the most prestigious universities in the world, allegedly used their specialized skills and education to tamper with and manipulate the protocols relied upon by millions of Ethereum users across the globe. And once they put their plan into action, their heist only took 12 seconds to complete," said U.S. Attorney Damian Williams.
About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.
How can organizations balance the need for robust digital asset protection with the drive for business innovation and agility? To best integrate digital assets in your business, it's crucial to integrate your digital asset management solution with your IT systems.
A blockchain developer shares his ordeal over the holidays when he was approached on LinkedIn by a "Recruiter" for a web development job. The recruiter in question asked the developer to download npm packages from a GitHub repository, and hours later the developer discovered his MetaMask wallet had been emptied.
Dubbed "NKAbuse" by the researchers, the Go-based backdoor offers criminal attackers a range of possibilities, including being able to DDoS or fling remote access trojans, and leans on NKN for more anonymous yet reliable data exchange. NKN is an open source protocol that lets users perform a peer-to-peer data exchange over a public blockchain - like a cross between a traditional blockchain and the Tor network.
A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications...