JINX-0164 Targets Crypto Firms with macOS Malware and Fake Lures
The JINX-0164 threat actor targets cryptocurrency firms via recruitment-themed social engineering, macOS-specific malware, and CI/CD infrastructure exploits.

FBI Warns: $388M Lost to Crypto ATM Scams in 2023 – Defense Guide
The FBI reports Americans lost over $388 million to crypto ATM scams in 2023, driven by social engineering. Learn how to protect against these financial frauds.

BlueNoroff Exploits Fake Zoom Meetings to Deploy macOS Malware
BlueNoroff leverages AI avatars and stolen video to compromise crypto executives via fake Zoom calls and the Hidden Risk macOS malware family.

26 FakeWallet Apps Infiltrate Apple App Store - Research Analysis
Researchers discover 26 malicious apps on the Apple App Store impersonating crypto wallets to steal seed phrases via trojanized software and browser redirects.

Grinex Exchange Shuts Down After $13.74M State-Sponsored Hack
Sanctioned exchange Grinex halts operations following a $13.74M hack attributed to Western intelligence agencies. Analysis of TTPs and geopolitical impact.

REF6598 Exploits Obsidian Plugins to Deploy PHANTOMPULSE RAT
Attackers are targeting finance and crypto sectors by abusing Obsidian plugins to deliver the PHANTOMPULSE RAT via sophisticated social engineering.

CVE-2024-21390: EngageLab SDK Vulnerability Risks Android Crypto Wallets
Microsoft reveals a vulnerability in the EngageLab SDK affecting millions of Android crypto wallet users, potentially allowing for private key theft.

Drift Protocol Hacked for $285M via Durable Nonce Attack
Solana-based DEX Drift Protocol lost $285 million due to a social engineering and durable nonce attack, leading to Security Council takeover.

Ledger Wallet Seed Phrase Exposure: South Korean NTS Data Leak
South Korean tax authorities accidentally exposed a Ledger mnemonic recovery phrase, leading to a $4.4 million cryptocurrency theft from seized wallets.

UNC4899 Exploits AirDrop for Crypto Firm Breach — Analysis
UNC4899 breached a crypto firm using AirDrop to bypass network security. This analysis explores the TTPs of North Korean threat actors in 2025.

FBI Arrests Suspect in $46M US Marshals Crypto Theft
A suspect linked to the theft of $46 million in cryptocurrency from the U.S. Marshals Service has been arrested. Runtime Rebel analyzes the incident and key takeaways.

QuickLens Chrome Extension Hijacked to Deploy ClickFix Malware
Malicious QuickLens Chrome extension removed from Web Store after stealing cryptocurrency and deploying ClickFix malware to 30,000 users.