The US Treasury was hacked by a China-state-sponsored actor, who stole a key to access unclassified documents. This follows other incidents where Chinese groups infiltrated US firms like AT&T, stealing large volumes of cellphone data and exposing sensitive information. China has denied any involvement, calling these accusations groundless and false. The extent of the recent attack is still unclear.
Malicious npm packages target Ethereum developers
Ethereum developers are being targeted by malicious npm packages that impersonate Hardhat plugins to steal private keys and sensitive data. Socket researchers reported the ongoing
