CSO Online

HP Poly VoIP vulnerability sets the stage for executive voice deepfakes

The remote code execution flaw enables root access and voice attacks on HP Poly VoIP phones, including eavesdropping and the ...
SecurityWeek

Gogs Zero-Day Exposes Servers to Remote Code Execution

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.
Dark Reading

AI-Assisted Exploit Development Outpaces Scanner Detection

Attackers have reduced the time to develop an exploit for a known vulnerability from 125 days to a mere half a day, thanks to the use of AI-assisted development, leaving vulnerability scanners ...
Crypto Briefing

$3.2M drained from Gnosis Safe wallets through SquidRouterModule exploit

A flaw in something called the SquidRouterModule allowed an attacker to siphon roughly $3.2 million from 86 Gnosis Safe wallets spread across Ethereum and Base. The entire heist took about two hours.
blockchain

SquidRouterModule Exploit Drains $3.2M From Safe Wallets

A third-party module exploit drained $3.2M from Safe wallets on Ethereum and Base. Squid and Safe Labs distance themselves from responsibility. A third-party module exploit targeting Safe wallets ...
crypto

Squid rushes to separate brand from $3 million Gnosis Safe module exploit

Squid has moved quickly to stress that a recent $3 million exploit targeted a third party Gnosis Safe module called SquidRouterModule, not its core cross chain routing contracts, after 86 wallets on ...
crypto

Blockaid flags $3M SquidRouterModule exploit across 86 Safes

The blockchain security firm said the stolen tokens were swapped into DAI through attacker-controlled Uniswap V3 pools. The alert listed an exploiter address, a consolidation wallet, and one example ...
SecurityWeek

Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks

Google and iVerify analysis reveals a powerful exploit kit originally used by Russian state actors that is now appearing in broader criminal campaigns. Multiple iOS exploits and five exploit chains ...
CoinTelegraph

Squid and Safe Labs say third-party module behind $3.2M exploit

A third-party module drained about $3 million from Safe wallets, with Squid attributing the incident to an external Safe module, saying its core systems were unaffected. A suspected third-party Safe ...
Ars Technica

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
CoinTelegraph

THORChain pauses trading after suspected $10M exploit

THORChain paused trading after ZachXBT flagged a suspected $10 million exploit spanning Bitcoin, Ethereum, BNB Chain and Base. Decentralized liquidity protocol THORChain halted trading after ...