SlowMist Chief Information Security Officer 23pds tweeted that due to the new attack chain of the latest remote code execution vulnerability in React/Next.js, the success rate of related attacks will be significantly improved. Since a large number of DeFi platforms currently use React, the vulnerability may have a wide range of effects, and DeFi platforms need to guard against related security risks.
慢雾首席信息安全官23pds发推表示,鉴于React/Next.js最新远程代码执行漏洞已出现新的攻击链,相关攻击成功率将显著提升。由于目前大量DeFi平台使用React,该漏洞可能影响范围广泛,各DeFi平台需防范相关安全风险。
SlowMist Chief Information Security Officer 23pds tweeted, "A member of the suspected North Korean hacking group Kimsuky APT suffered a major data breach, leaking hundreds of gigabytes of internal documents and tools. The intrusion occurred around the beginning of June 2025, exposing the group's sophisticated backdoor, phishing framework and reconnaissance operations. According to an analysis of the leaked files, internal dumps originated from two compromised systems of Kimsuky operators under t...
慢雾首席信息安全官 23pds 发推表示,“疑似朝鲜黑客组织 Kimsuky APT 一名成员遭遇重大数据泄露,泄露数百 GB 的内部文件和工具。入侵大概发生在 2025 年 6 月初,暴露该组织复杂的后门、网络钓鱼框架和侦察行动,根据对泄露档案的分析,内部转储源自化名为『KIM』的 Kimsuky 操作员的两个受损系统。一个是运行 Deepin 20.9 的 Linux 开发工作站;另一个是用于鱼叉式网络钓鱼活动...
According to the Slow Mist CISO@im23pds, the crypto industry wallet solution HashiCorp Vault was found 0-Day vulnerability, involving authentication and authorization, remote code execution, etc. Please upgrade in time.
据慢雾CISO@im23pds称,加密货币行业钱包解决方案 HashiCorp Vault 被发现0-Day 漏洞,涉及身份验证和授权、远程代码执行等方面,请及时升级。
SlowMist's chief information security officer, 23pds, tweeted that security firm Koi had revealed more than 40 counterfeit crypto wallet extensions in the official Firefox browser add-on store, including mainstream wallets such as MetaMask and Coinbase Wallet. These malicious plug-ins steal mnemonic words by implanting event listening code and send the data back to the attacker's server.
慢雾科技首席信息安全官23pds发推称,安全公司Koi披露火狐(Firefox)浏览器官方插件商店出现40余个假冒加密钱包扩展程序,仿冒对象包括MetaMask、Coinbase Wallet等主流钱包。这些恶意插件通过植入事件监听代码窃取助记词,并将数据回传至攻击者服务器。
SlowMist Chief Information Security Officer @im23pds posted on the X platform that the Cork Protocol attacker's Ethereum address held 4,530.59 ETH, which is currently worth $12,125,718.18.
慢雾首席信息安全官 @im23pds 在 X 平台发文表示,Cork Protocol 攻击者的以太坊地址持有 4,530.59 枚 ETH,目前价值 12,125,718.18 美元。