You know that feeling when you open your feed on a Thursday morning and it’s just… a lot? Yeah. This week delivered. We’ve got hackers getting creative in ways that are almost impressive if you ignore the whole “crime” part, ancient vulnerabilities somehow still ruining people’s days, and enough supply chain drama to fill a season of television nobody asked for.
Not all bad though. Some threat actors got exposed with receipts, a few platforms finally tightened things up, and there’s research in here that’s genuinely worth your time. Grab your coffee and keep scrolling.
-
Targeted wallet breach
Cryptocurrency wallet service Zerion has disclosed that one of its team member’s devices was compromised, resulting in the theft of approximately $100K in stolen funds from internal company hot wallets. The company noted that user funds, Zerion apps, or infrastructure were not impacted by the breach. The team member is said to have been the target of an artificial intelligence (AI)-enabled social engineering attack carried by a North Korean threat actor tracked as UNC1069. The hacking group was recently attributed to the poisoning of the popular Axios npm package. “This allowed the attacker to gain access to some of the team members’ logged-in sessions and credentials as well as private keys to company hot wallets used for testing and internal purposes,” Zerion said. “This was not an opportunistic attack. The actor is clearly sophisticated and well-resourced. They planned the attack thoroughly.”
-
Anonymous age checks
The European Union has announced that it will soon roll out a new online age verification app to allow users to prove their age when accessing online platforms. Users can set it up by downloading the app on their Android or iOS device using a passport or ID card. The Commission has emphasized that the app will respect users’ privacy. “Users will prove their age without revealing any other personal information,” President of the European Commission, Ursula von der Leyen, said. “Put simply, it is completely anonymous: users cannot be tracked. Third, the app works on any device – phone, tablet, computer, you name it. And, finally, it is fully open source – everyone can check the code.” The development comes as countries around the world are undertaking various stages of regulatory action to keep cyberspace a safer place for children and minors and protect them from serious harm.
-
New Defender zero-day
A researcher using the alias “Chaotic Eclipse” released a zero-day exploit called BlueHammer earlier this month following Microsoft’s handling of the vulnerability disclosure process. Although the issue appears to have been fixed as of this month’s Patch Tuesday release (CVE-2026-33825), the researcher has since disclosed a new unpatched Microsoft Defender…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
