News list for "ciso"

SlowMist CISO: New vulnerability in React/Next.js may affect a large number of DeFi platforms

SlowMist Chief Information Security Officer 23pds tweeted that due to the new attack chain of the latest remote code execution vulnerability in React/Next.js, the success rate of related attacks will be significantly improved. Since a large number of DeFi platforms currently use React, the vulnerability may have a wide range of effects, and DeFi platforms need to guard against related security risks.

clock
2025-12-05 03:12:03
慢雾CISO:React/Next.js新漏洞或波及大量DeFi平台

慢雾首席信息安全官23pds发推表示,鉴于React/Next.js最新远程代码执行漏洞已出现新的攻击链,相关攻击成功率将显著提升。由于目前大量DeFi平台使用React,该漏洞可能影响范围广泛,各DeFi平台需防范相关安全风险。

clock
2025-12-05 03:12:03
Slow Mist CISO: Suspected North Korean hacking group Kimsuky APT members suffered a data breach, exposing internal tools and operational details

SlowMist Chief Information Security Officer 23pds tweeted, "A member of the suspected North Korean hacking group Kimsuky APT suffered a major data breach, leaking hundreds of gigabytes of internal documents and tools. The intrusion occurred around the beginning of June 2025, exposing the group's sophisticated backdoor, phishing framework and reconnaissance operations. According to an analysis of the leaked files, internal dumps originated from two compromised systems of Kimsuky operators under t...

clock
2025-08-13 04:04:12
慢雾 CISO:疑似朝鲜黑客组织 Kimsuky APT 成员遭数据泄露,暴露内部工具与行动细节

慢雾首席信息安全官 23pds 发推表示,“疑似朝鲜黑客组织 Kimsuky APT 一名成员遭遇重大数据泄露,泄露数百 GB 的内部文件和工具。入侵大概发生在 2025 年 6 月初,暴露该组织复杂的后门、网络钓鱼框架和侦察行动,根据对泄露档案的分析,内部转储源自化名为『KIM』的 Kimsuky 操作员的两个受损系统。一个是运行 Deepin 20.9 的 Linux 开发工作站;另一个是用于鱼叉式网络钓鱼活动...

clock
2025-08-13 04:04:12
SlowMist CISO: Crypto Wallet Solution HashiCorp Vault Discovered 0-Day Vulnerability

According to the Slow Mist CISO@im23pds, the crypto industry wallet solution HashiCorp Vault was found 0-Day vulnerability, involving authentication and authorization, remote code execution, etc. Please upgrade in time.

clock
2025-08-07 12:01:00
慢雾 CISO:加密钱包解决方案 HashiCorp Vault 被发现 0-Day 漏洞

据慢雾CISO@im23pds称,加密货币行业钱包解决方案 HashiCorp Vault 被发现0-Day 漏洞,涉及身份验证和授权、远程代码执行等方面,请及时升级。

clock
2025-08-07 12:01:00
Slow Mist CISO: Security firm Koi reveals more than 40 counterfeit crypto wallet extensions in the official Firefox browser plug-in store

SlowMist's chief information security officer, 23pds, tweeted that security firm Koi had revealed more than 40 counterfeit crypto wallet extensions in the official Firefox browser add-on store, including mainstream wallets such as MetaMask and Coinbase Wallet. These malicious plug-ins steal mnemonic words by implanting event listening code and send the data back to the attacker's server.

clock
2025-07-03 02:42:18
慢雾CISO:安全公司Koi披露火狐浏览器官方插件商店出现40余个假冒加密钱包扩展程序

慢雾科技首席信息安全官23pds发推称,安全公司Koi披露火狐(Firefox)浏览器官方插件商店出现40余个假冒加密钱包扩展程序,仿冒对象包括MetaMask、Coinbase Wallet等主流钱包。这些恶意插件通过植入事件监听代码窃取助记词,并将数据回传至攻击者服务器。

clock
2025-07-03 02:42:18
SlowMist CISO: Cork Protocol Attacker Ethereum Address Holds Over 4530 ETH

SlowMist Chief Information Security Officer @im23pds posted on the X platform that the Cork Protocol attacker's Ethereum address held 4,530.59 ETH, which is currently worth $12,125,718.18.

clock
2025-05-28 13:11:18
慢雾 CISO:Cork Protocol 攻击者以太坊地址持有逾 4530 枚 ETH

慢雾首席信息安全官 @im23pds 在 X 平台发文表示,Cork Protocol 攻击者的以太坊地址持有 4,530.59 枚 ETH,目前价值 12,125,718.18 美元。

clock
2025-05-28 13:11:18
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.