Security Boulevard

500,000 Vulnerabilities, 14 That Matter: How Exploit Chain Analysis Cuts Through the Noise

When 500,000 Findings Hide 14 Real Threats Modern enterprises ingest vulnerability data from dozens of sources: endpoint ...

Kelp exploit highlights problem with non-isolated DeFi lending: Crypto execs

Crypto industry executives and blockchain security researchers discuss how the exploit of the Kelp liquid restaking protocol affected the DeFi ecosystem.

Thieves Can Drain Funds From A Locked iPhone With This Transit Trick: How To Protect Yourself

An iPhone exploit allows bad actors to conduct high-value transactions from your locked phone. Here’s the simple step you ...
SecurityWeek

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers

Hackers have been unsuccessfully targeting CVE-2023-33538, a vulnerability in discontinued TP-Link routers, for a year.
Dark Reading

Exploits Turn Windows Defender Into Attacker Tool

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...

Hackers are abusing unpatched Windows security flaws to hack into organizations

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Did Trump want to use nuclear codes in Iran? Did Dan Caine stop him? Ex-CIA analyst's claim fact checked

Larry Johnson claims Donald Trump sought to use nuclear codes in Iran but Gen Dan Caine stopped it; no evidence backs a ...
CoinDesk

The $292 million Kelp DAO exploit shows why crypto bridges are still one of the industry's weakest links

The problem is structural and as long as bridges depend on complex systems with shared infrastructure and hidden trust ...
CoinDesk

LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus

LayerZero said the attackers compromised two RPC nodes the company's verifier relied on and DDoS'd the rest, with the attack ...

Market Brief: DeFi Is Cooked? The Market Is Asking The Wrong Question

DeFi came under fresh pressure after the KelpDAO exploit triggered a sharp shock across Aave and revived fears around ...