Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, ...

Post-Quantum Cryptography: The Case For Agility Over Certainty

​For much of the past decade, post-quantum cryptography (PQC) lived primarily in academic journals and standards committees.

Microsoft Confirms New And Widespread 2FA Code Attacks Ongoing

The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising ...

Critical flaw in wolfSSL library enables forged certificate use

A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm ...
CoinDesk

Attacker mints $1 billion Polkadot tokens on Ethereum, ends up stealing just $250,000

A forged cross-chain message bypassed state proof validation on the bridge contract, granting admin control over the bridged ...
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...
Decrypt

New Tools Aim to Make AI 'Vibe Coding' Safer for Crypto

A new initiative by Matterhorn and the ASI Alliance adds auditing tools and safety checks for vibe coding smart contracts.

Hyperbridge attacker mints 1B bridged Polkadot tokens in $237K exploit

An attacker minted 1 billion bridged DOT tokens on Hyperbridge before selling it all for just $237,000 in Ether, igniting renewed concerns tied to cross-chain bridge security.