A sophisticated attack attributed to North Korea’s Lazarus Group exploited Bybit’s Ethereum hot wallet, stealing 401,346.76 ETH ($1.12 billion) via a malicious proxy contract upgrade. Hackers manipulated the wallet’s implementation and executed transactions through a deceitful call structure. Recovery efforts have reclaimed $1.23 billion, highlighting vulnerabilities in multisig wallet security.
Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code
Elastic has issued a critical security advisory for Kibana vulnerability CVE-2025-25012, allowing authenticated attackers to execute arbitrary code, scoring 9.9 on the CVSS scale. The
