π Vitalik Buterin Discusses Lightweight Clients for L1 and L2
#VitalikButerin #lightweightclients #Layer1 #Layer2 #blockchain #JavaScript #wallets #L2configurations #stateproofverification
According to Odaily, Vitalik Buterin recently addressed the need for lightweight clients for both Layer 1 (L1) and Layer 2 (L2) solutions in a response on X. Buterin emphasized that he has been advocating for lightweight clients for many years. He believes that the solution will emerge when developers like Noah Citron create a convenient JavaScript library, such as Helios or an alternative, that can be easily integrated into wallets.
Buterin also highlighted the importance of transitioning L2 configurations to the blockchain. This shift would facilitate the inclusion of lightweight client state proof verification as part of the configuration, making it easier to develop universal L2 lightweight clients.#VitalikButerin #lightweightclients #Layer1 #Layer2 #blockchain #JavaScript #wallets #L2configurations #stateproofverification
π Somnia Launches World Builder Tool for Enhanced 3D Experience Creation
#Somnia #WorldBuilder #3DExperiences #GameDevelopment #VirtualWorlds #Collaboration #NFTs #InteractiveDesign #VisualEditor #JavaScript #MMLMarkdown
According to Odaily, Somnia has announced the release of World Builder, a powerful new tool within the Somnia Dream Builder suite. This tool offers several key features designed to enhance the creation of 3D experiences.
World Builder includes a visual editor that allows users to create 3D experiences through an intuitive interface. Additionally, it features a code editor for editing JavaScript and MML markdown to implement custom logic. Users can also benefit from a real-time playback view, enabling them to interact with their creations as they build them. The tool also supports collaboration, allowing multiple users to work on projects together.
With World Builder, creators can develop complex and customized games, experiences, virtual worlds, and more. The tool is integrated with the Somnia ecosystem, providing compatibility with assets such as Bored Apes and other NFTs.#Somnia #WorldBuilder #3DExperiences #GameDevelopment #VirtualWorlds #Collaboration #NFTs #InteractiveDesign #VisualEditor #JavaScript #MMLMarkdown
π Major Security Breach Affects Multiple Decentralized Applications
#SecurityBreach #DecentralizedApplications #dApps #LottiePlayer #JavaScript #Cybersecurity #Scam #Phishing #Malware #Blockaid #BTC
According to Decrypt, a significant security breach has impacted several decentralized applications (dApps) due to malicious code injected into Lottie Player, a popular JavaScript animation library. The attack exploited recent updates to Lottie Playerβs npm package, specifically versions 2.0.5 through 2.0.7, where hackers embedded harmful code within JSON files that display animations on websites. At least one individual has lost 10 BTC (US$723,000) after unknowingly signing a phishing transaction linked to the breach, according to Scam Sniffer, a platform designed to protect users from online fraud.
Blockaid, a cybersecurity platform monitoring the incident, confirmed that the attackers deployed a fake wallet connection prompt, leading users to the drainer malware #SecurityBreach #DecentralizedApplications #dApps #LottiePlayer #JavaScript #Cybersecurity #Scam #Phishing #Malware #Blockaid #BTC
π Safe Developers' Devices Compromised, Malicious Code Injected
#SafeDevelopers #MaliciousCode #CyberAttack #TransactionSecurity #SlowMist #JavaScript #ByBit #CryptoSecurity
According to Foresight News, SlowMist has reported that the devices of Safe developers were compromised, leading to the injection of malicious code into the front-end. This attack intercepted and altered transaction parameters. Upon swift verification, it was confirmed that the JavaScript files on Safe's front-end contained malicious code. The associated address (0xbdd077f651ebe7f7b3ce16fe5f2b025be2969516) is linked to the malicious execution contract responsible for siphoning off $1.5 billion in assets from ByBit.#SafeDevelopers #MaliciousCode #CyberAttack #TransactionSecurity #SlowMist #JavaScript #ByBit #CryptoSecurity
π Antivirus Software May Misidentify Browser Extensions, Says SlowMist Founder
#Antivirus #BrowserExtensions #SlowMist #YuJian #CyberSecurity #WalletExtension #Quarantine #DataRecovery #JavaScript
According to Foresight News, SlowMist founder Yu Jian has highlighted a potential issue with antivirus software misidentifying browser extensions. In a recent tweet, Yu explained that if an antivirus program mistakenly flags a browser extension, such as a wallet extension's JavaScript file, it typically isolates the file. This isolation can render the wallet extension inoperable. Yu advises users to restore the file from quarantine rather than deleting it. He further cautions against uninstalling the wallet extension, as there may still be a chance to recover files related to locally encrypted private keys.#Antivirus #BrowserExtensions #SlowMist #YuJian #CyberSecurity #WalletExtension #Quarantine #DataRecovery #JavaScript
π Antivirus Software Mislabels Crypto Wallet Plugins As Malware
#Antivirus #CryptoWallet #Malware #SlowMist #PhantomKeyRetriever #JavaScript #BrowserPlugins #Cybersecurity
According to Foresight News, SlowMist has reported that users have experienced issues with antivirus software incorrectly identifying certain browser plugins, particularly cryptocurrency wallet plugins, as malware. This mislabeling has led to the isolation or deletion of JavaScript files, resulting in wallet damage. SlowMist has published guidance on how to properly restore isolated extension data and introduced an open-source script, PhantomKeyRetriever, to recover Phantom wallet mnemonic phrases or private keys from Chrome data.#Antivirus #CryptoWallet #Malware #SlowMist #PhantomKeyRetriever #JavaScript #BrowserPlugins #Cybersecurity
π Tether Plans to Recruit Talent for AI and Telecom Projects
#Tether #AI #Telecom #Recruitment #Technology #Web2 #Decentralization #C++ #JavaScript #ProjectManagement
According to PANews, Tether's CEO Paolo Ardoino announced on the X platform that the company is seeking to recruit talent for its artificial intelligence, telecommunications, and data projects. The recruitment will focus on C++, JavaScript, operating system developers, product managers, and technical project managers.
Ardoino also revealed that upcoming projects and plans aim to disrupt many traditional Web2 businesses. The focus will be on decentralizing real-world consumer applications through peer-to-peer technology.#Tether #AI #Telecom #Recruitment #Technology #Web2 #Decentralization #C++ #JavaScript #ProjectManagement
π XRP Ledger Foundation Urges Update Due to Potential Vulnerability
#XRP #XRPledger #vulnerability #securityupdate #JavaScript #malwareresearch #supplychainattack #AikidoSecurity
According to Odaily, the XRP Ledger Foundation has identified a potential vulnerability in the latest version of the XRPL JavaScript library used for building applications. The foundation is urging affected projects to update to the patched version of the code. This issue was discovered by Charlie Eriksen, a malware researcher at Aikido Security, who warned that the 'backdoor' could lead to a 'potentially catastrophic' supply chain attack.#XRP #XRPledger #vulnerability #securityupdate #JavaScript #malwareresearch #supplychainattack #AikidoSecurity
π Grafana Faces Potential Security Breach with Gato-X Exploit
#Grafana #SecurityBreach #GatoX #DataVisualization #Cybersecurity #OpenSource #AppTokens #JavaScript #GitHub #Backdoor #SensitiveInformation #Malware
According to PANews, a potential security breach has been reported involving the open-source data visualization tool Grafana. The Chief Information Security Officer of SlowMist Technology, known as 23pds, shared on the X platform that attackers may have used the Gato-X exploit to steal confidential signatures and attack multiple code repositories using app tokens.
The workflow in question reportedly involves a possibly related application private key. The suspected attackers allegedly used carefully crafted branch names to inject JavaScript code and steal sensitive information. The primary objectives of these code submissions appear to be generating high-privilege GitHub tokens via tibdex/github-app-token, manipulating the code, branches, and even the release process of the grafana/grafana repository, and potentially pushing concealed backdoor codes or tampering with certain version packages in the future.#Grafana #SecurityBreach #GatoX #DataVisualization #Cybersecurity #OpenSource #AppTokens #JavaScript #GitHub #Backdoor #SensitiveInformation #Malware
π Largest Supply Chain Attack Targets JavaScript Libraries, Threatens Crypto Security
#SupplyChainAttack #JavaScript #NPM #CryptoSecurity #CryptoClipper #WalletSecurity #HardwareWallet #SeedPhrase #Chalk #StripAnsi #ColorConvert #Cybersecurity #Malware
According to Cointelegraph, a significant supply chain attack has compromised widely used JavaScript software libraries, marking what is being described as the largest incident of its kind in history. The injected malware is reportedly designed to steal cryptocurrency by swapping wallet addresses and intercepting transactions. Reports indicate that hackers infiltrated the node package manager (NPM) account of a prominent developer, secretly embedding malware into popular JavaScript libraries utilized by millions of applications.
The malicious code is capable of hijacking or swapping cryptocurrency wallet addresses, thereby putting billions of downloads' worth of projects at risk. The breach specifically targeted packages such as chalk, strip-ansi, and color-convert, which are small utilities deeply embedded in the dependency trees of numerous projects. These libraries collectively receive over a billion downloads each week, suggesting that even developers who have not directly installed them could be exposed to the threat.
NPM functions as a central repository for developers, akin to an app store, where they can share and download small code packages to construct JavaScript projects. The attackers appear to have deployed a crypto-clipper, a type of malware that discreetly replaces wallet addresses during transactions to divert funds. Security researchers have cautioned that users relying on software wallets may be particularly vulnerable, whereas those who confirm every transaction on a hardware wallet are protected. It remains uncertain whether the malware also attempts to directly steal seed phrases.
This situation is evolving, and additional information will be provided as it becomes available.#SupplyChainAttack #JavaScript #NPM #CryptoSecurity #CryptoClipper #WalletSecurity #HardwareWallet #SeedPhrase #Chalk #StripAnsi #ColorConvert #Cybersecurity #Malware
π Ledger CTO Addresses Recent NPM Attack and Supply Chain Threats
#Ledger #NPM #NPMAttack #SupplyChainAttack #Phishing #Ethereum #Solana #HardwareWallets #ClearSigning #TransactionChecks #JavaScript #JavaScriptEcosystem #CryptoSecurity #BlockBeats #LedgerSecurity
According to BlockBeats, Ledger's Chief Technology Officer Charles Guillemet has provided an update on the recent NPM attack, stating that fortunately, the attack was unsuccessful with minimal victims. The attack began with phishing emails disguised as npm support domains, aiming to steal user credentials and allow attackers to publish malicious software package updates. The injected code targeted network encryption activities, infiltrating chains like Ethereum and Solana, hijacking transactions, and replacing wallet addresses directly in network responses. An error by the attackers led to a CI/CD pipeline crash, enabling early detection and limiting the impact.
Guillemet emphasized that this incident serves as a clear reminder of the risks associated with storing funds in software wallets or exchanges, where a single code execution could result in significant losses. Supply chain attacks remain a potent method for spreading malware, with an increasing number of targeted attacks being observed.
Hardware wallets are specifically designed to counter such threats. Features like "clear signing" allow users to accurately verify transaction details, while "transaction checks" can flag suspicious activities before issues arise. Although the immediate danger may have passed, the threat persists, and maintaining security is crucial.
Earlier today, BlockBeats reported a large-scale supply chain attack involving the compromise of a well-known developer's NPM account. The affected package has been downloaded over a billion times, posing a potential risk to the entire JavaScript ecosystem.#Ledger #NPM #NPMAttack #SupplyChainAttack #Phishing #Ethereum #Solana #HardwareWallets #ClearSigning #TransactionChecks #JavaScript #JavaScriptEcosystem #CryptoSecurity #BlockBeats #LedgerSecurity
π DeadLock Ransomware Utilizes Polygon Smart Contracts for Evasion
#DeadLock #Ransomware #Polygon #SmartContracts #Evasion #ChainCatcher #JavaScript #HTML #RPC #ProxyServers #EtherHiding #DecentralizedLedgers #EncryptedCommunication #Session #Malware
According to ChainCatcher, the ransomware family DeadLock is employing Polygon smart contracts to distribute and rotate proxy server addresses, aiming to evade security detection. Initially discovered in July 2025, this malware embeds JavaScript code within HTML files to interact with the Polygon network, using RPC lists as gateways to obtain server addresses controlled by attackers. This technique resembles the previously identified EtherHiding method, which leverages decentralized ledgers to create hard-to-block covert communication channels. DeadLock has released at least three variants, with the latest version incorporating the encrypted communication application Session to directly communicate with victims.#DeadLock #Ransomware #Polygon #SmartContracts #Evasion #ChainCatcher #JavaScript #HTML #RPC #ProxyServers #EtherHiding #DecentralizedLedgers #EncryptedCommunication #Session #Malware
π Apifox Desktop Client Faces Supply Chain Attack with Malicious Code Injection
#Apifox #DesktopClient #SupplyChainAttack #MaliciousCode #JavaScript #CredentialTheft #SensitiveDataExposure #RemoteCommandExecution #SecurityBreach #SlowMist #CyberSecurity #APILogs #TokenRevoke #PasswordReset #APIReview
Apifox's desktop client has been targeted in a supply chain attack, according to PANews. The official CDN-hosted front-end script files were injected with highly obfuscated malicious JavaScript code. Users affected by this breach may face risks such as credential theft, sensitive data exposure, and remote command execution, with the malicious code executing automatically and remaining highly concealed.
Security firm SlowMist advises users to immediately revoke all tokens, reset passwords, log out and log back in to invalidate sessions, block the domain *.apifox.it.com, clear local storage, and review API logs and any abnormal activities.#Apifox #DesktopClient #SupplyChainAttack #MaliciousCode #JavaScript #CredentialTheft #SensitiveDataExposure #RemoteCommandExecution #SecurityBreach #SlowMist #CyberSecurity #APILogs #TokenRevoke #PasswordReset #APIReview
π Axios Library Compromised by Malicious Attack
#Axios #JavaScript #npm #CyberSecurity #Malware #RAT #SupplyChainAttack #macOS #Windows #Linux #SoftwareSecurity #OIDC #SLSA #Huntress #ChainCatcher #npmToken
An attacker has compromised the npm access token of the lead maintainer of Axios, a popular JavaScript HTTP client library, and used it to release two malicious versions containing cross-platform remote access trojans (RATs). According to ChainCatcher, these versions, axios@1.14.1 and axios@0.3.4, targeted macOS, Windows, and Linux systems. The malicious packages were removed from the npm registry approximately three hours after their release.
Data from security company Wiz indicates that Axios is downloaded over 100 million times weekly and is present in about 80% of cloud and code environments. Security firm Huntress detected the first infections just 89 seconds after the malicious packages went live and confirmed that at least 135 systems were compromised during the exposure period. Notably, the Axios project had implemented modern security measures such as the OIDC trusted publishing mechanism and SLSA provenance proofs. However, the attacker bypassed these defenses entirely.
The investigation revealed that while configuring OIDC, the project retained the traditional long-lived NPM_TOKEN. When both tokens coexist, npm defaults to using the traditional token, allowing the attacker to publish without breaching OIDC.#Axios #JavaScript #npm #CyberSecurity #Malware #RAT #SupplyChainAttack #macOS #Windows #Linux #SoftwareSecurity #OIDC #SLSA #Huntress #ChainCatcher #npmToken