ThreatsDay Bulletin - $290M DeFi Hack and Ongoing Threats

This week's ThreatsDay Bulletin reveals a $290 million DeFi hack linked to North Korea. MajorDoMo and npm packages face exploitation. Stay updated on these critical threats.


Original reporting: The Hacker News

AI Summary

CyberPings AI · Reviewed by Rohit Rana

🎯 Basically, hackers stole $290 million using old tricks and new tech.

What Happened

This week's ThreatsDay Bulletin leads with the theft of $290 million from the decentralized finance (DeFi) project KelpDAO, allegedly carried out by the North Korean threat actors tracked as TraderTraitor. The incident underscores persistent weaknesses in the crypto space, compounded by a messy supply chain and outdated security practices.

Major Exploits

In addition to the DeFi hack, MajorDoMo, a smart home automation platform, is facing exploitation of critical vulnerabilities. CVE-2026-27175 allows attackers to execute commands remotely, while CVE-2026-27174 enables unauthenticated remote code execution. These flaws have already been exploited to install persistent backdoors on affected systems.

Supply Chain Malware Surge

The bulletin also reveals a surge in malicious packages within the npm registry. Multiple packages were found to steal sensitive data and implant backdoors. Notably, some packages can self-propagate, spreading malware across ecosystems, including PyPI.

AI Threats

Moreover, Forcepoint has identified 10 new indirect prompt injection payloads targeting AI systems. These payloads are designed to manipulate AI agents into executing harmful actions, such as financial fraud and data theft.

Covert Browser Access

The Claude desktop app has been flagged for granting itself unauthorized access to web browser data. This raises significant privacy concerns, particularly in the context of EU regulations.

Hardware Vulnerabilities

Separately, reports from Iran allege that U.S.-made networking equipment may have been sabotaged with hidden backdoors, leading to disruptions during critical moments. This points to potential supply chain vulnerabilities that could have far-reaching implications.

Ransomware Rivalry

The bulletin also covers the escalating conflict between ransomware groups, where Krybit retaliated against rival 0APT after a data leak. This infighting highlights the chaotic and competitive nature of the ransomware landscape.

Conclusion

The ThreatsDay Bulletin serves as a stark reminder of the evolving threat landscape. From high-profile hacks to ongoing exploitation of vulnerabilities, organizations must remain vigilant and proactive in their cybersecurity efforts.

🔒 Pro Insight

The KelpDAO hack exemplifies how supply chain vulnerabilities can be exploited in decentralized finance environments.
