Cybersecurity researchers have identified a sophisticated cyberattack targeting cryptocurrency wallets. The attackers use a deceptive software supply chain to target wallets like Atomic Wallet and Exodus, exploiting vulnerabilities in JavaScript and Node.js developers’ npm package manager. The attack uses a malicious package, pdf-to-office, which alters the victim’s system when downloaded and intercepts and reroutes cryptocurrency transactions. The attack is harder to detect because it does not directly attack open-source repositories. Removing the malicious package does not eliminate the threat, necessitating a full uninstall and reinstallation of the affected wallet.

Simple Mistakes That Hand Over Your Account Details to Scammers in Seconds
Scammers are increasingly using fake APK files disguised as legitimate apps to trick users and steal sensitive data. These files are typically shared via WhatsApp,