Security News

The US Department of Justice announced that law enforcement seized billions worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. In 2016, the 119,756 bitcoins stolen during the attack were worth almost $78 million and are now valued at roughly $4.5 billion.

ExpressVPN has updated its bug bounty program to make it more inviting to ethical hackers, now offering a one-time $100,000 bug bounty to whoever can compromise its systems. Today, ExpressVPN announced that they are now offering a $100,000 bug bounty for critical vulnerabilities in their in-house technology, TrustedServer.

Those following the tech world have probably heard about the recent hack of blockchain bridging service Wormhole that has amounted to the fourth-largest crypto theft, and second-largest De-Fi theft, ever. In this particular case, the attacker exploited Wormhole in such a way that they were able to trick it into minting 120,000 wrapped ethereum on the Solana blockchain, most of which the attacker then moved to the ethereum blockchain.

The attack discovered sometime this January, reportedly allowed threat actors to access emails and documents of some News Corp employees, including journalists. In a Securities & Exchange Commission filing seen by BleepingComputer today, News Corp shared that one of its systems had been subject to "Persistent cyberattack activity."

Some of Britain's favourite pub munch could end up in short supply after KP Snacks, makers of nuts and crisps, suffered a ransomware attack. Kenyon Produce, to give the company its formal name, wrote to small shops around the UK saying it had been infected with ransomware on 28 January, as reported by industry news site Better Retailing.

A researcher who showed Apple how its webcams can be hijacked via a universal cross-site scripting bug Safari bug has been awarded what is reportedly a record $100,500 bug bounty. The bug could be used by an adversary as part of an attack to gain full access to every website ever visited by the victim.

Apple last year fixed a new set of macOS vulnerabilities that exposed Safari browser to attack, potentially allowing malicious actors to access users' online accounts, microphone, and webcam. Security researcher Ryan Pickren, who discovered and reported the bugs to the iPhone maker, was compensated with a $100,500 bug bounty, underscoring the severity of the issues.

Apple has released security updates to fix two zero-day vulnerabilities, with one publicly disclosed and the other exploited in the wild by attackers to hack into iPhones and Macs. The first zero-day patched today [1, 2] is a memory corruption bug in the IOMobileFrameBuffer that affects iOS, iPadOS, and macOS Monterey.

Bandai Namco has deactivated the online PvP mode for the Dark Souls role-playing game, taking its servers offline to investigate reports about a severe security issue that may pose a risk to players. Bandai Namco allegedly ignored the report but given the severity of the flaw, the reporter decided to demonstrate it on popular streamers to raise awareness and show how critical it is.

Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts.Crypto.com CEO: 400 customer accounts hit.