Login

Recent searches

No recent searches

Search options

Only available when logged in.
masto.ai is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general Mastodon server for all languages.

Administered by:

Server stats:

2.1K
active users

masto.ai: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.4

#cryptocurrency

394 posts83 participants46 posts today
Public
OTX Bot

Atomic and Exodus crypto wallets targeted in malicious npm campaign

A malicious npm package named pdf-to-office was discovered targeting cryptocurrency wallets. The package, posing as a PDF to Office converter, injects malicious code into locally installed Atomic and Exodus wallets. This attack modifies legitimate files to redirect crypto funds to the attacker's wallet. The campaign shows persistence, as removing the malicious package doesn't remove the injected code from the wallets. Multiple versions of both wallets were targeted, with the attackers adapting their code accordingly. This incident highlights the growing scope of software supply chain risks, particularly in the cryptocurrency industry, and emphasizes the need for improved monitoring of both source code repositories and locally deployed applications.

Pulse ID: 67fd41f7af4b02a0fd75fb69
Pulse Link: otx.alienvault.com/pulse/67fd4
Pulse Author: AlienVault
Created: 2025-04-14 17:12:23

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
#Atomic#CyberSecurity#InfoSec
Public
OTX Bot

Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware

Slow Pisces, a North Korean state-sponsored threat group, has launched a campaign targeting cryptocurrency developers using LinkedIn recruitment schemes and malicious coding challenges. The group impersonates recruiters, sending benign PDFs with job descriptions followed by coding tasks linked to compromised GitHub repositories. These repositories contain malware disguised as legitimate projects, using techniques like YAML deserialization and EJS rendering to execute malicious code. The campaign introduces new malware named RN Loader and RN Stealer, which gather victim information and potentially establish persistent access. This sophisticated approach has reportedly led to over $1 billion in cryptocurrency theft in 2023 alone.

Pulse ID: 67fce4dbd05e59dcedb21adc
Pulse Link: otx.alienvault.com/pulse/67fce
Pulse Author: AlienVault
Created: 2025-04-14 10:35:07

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
#CyberSecurity#GitHub#InfoSec
Public
Valerie's Mutual Aid Alt

hey all, i still didnt get enough money last week, i really need donations desperately, please donate, i need the help to afford food and other things please, i live in an abusive and transphobic home and need donations to live, please donate to my monero address to help me afford HRT. Please help me.

current goals:

immediate necessary expenses: 35$/250$

prescription glasses: 0$/250$

payment information:

cashapp: cash.app/vparagon

gofundme: gofund.me/034cef1a

cashapp referral (i make 5$): cash.app/app/QPL1BJF

monero address: 8576pqM8cmNW92eogjqnYzEewZbmwUbY61xRcGmbVCFphchaXKyAad1Xj9oNrYWQNqZkcm2kCHEzea4Y5Wd3DMUW4DozSV2

@mutualaid @disability @trans @vegan

monero qr code
#mutualaid#transmutualaid#queermutualaid
ExploreLive feeds
About