A Rust infostealer called IronWorm hid in 36 npm packages from the Arweave ecosystem. The malware self-replicated and then pushed backdated malicious commits across nine organizations. Developers who ...

Solana’s role in crypto has shifted considerably over the past two years. It was once mostly a high-throughput Ethereum ...

A Binance legal document disclosed a revenue-sharing agreement with Alpaca, which includes sharing 50% of the stock custodian’s order flow revenue with the cryptocurrency exchange. Binance disclosed a ...

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.

More than 40 crypto firms, including rival exchanges Coinbase and Kraken, are backing a Blockworks-led framework aimed at bringing stock market-style disclosures to token markets.

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

The company clarified that only 1% of users were affected and pledged full reimbursement. Meanwhile, a massive supply chain hack targeting JavaScript libraries downloaded over a billion times, but ...

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was compromised to push malware and attempt to steal crypto from thousands of ...

Infostealer threats are rapidly expanding beyond traditional Windows-focused campaigns, increasingly targeting macOS environments, leveraging cross-platform languages such as Python, and abusing ...

Trust Wallet says attackers who compromised its browser extension right before Christmas have drained approximately $7 million from nearly 3,000 cryptocurrency wallet addresses. The cryptocurrency ...

What Did Binance Change in Its Futures API? Binance has added a new endpoint to its USDⓈ-M futures API — a move that points toward internal preparations for stock-linked perpetual futures. A Dec. 11 ...