A researcher found Shai Hulud malware in more than 400 NPM libraries, including at least 10 crypto packages tied to ENS. The intrusion heightens supply-chain risk for developers and ENS users.
A worm propagating through WhatsApp is distributing a banking trojan across Brazil, specifically aiming to harvest crypto wallet credentials and online banking logins. Cybersecurity firms and authorities are warning users to be cautious with messages and links.
Security researchers say a new 'ClickFix' malware uses a social engineering trick to get victims to run a command and then siphon Bitcoin from their wallets. Users are urged to treat unexpected CAPTCHA-like prompts with suspicion and secure private keys.