Defendor

Sign in Subscribe

Latest

Ongoing Supply Chain Attack Hits CrowdStrike npm Packages - Urgent Security Alert

Ongoing Supply Chain Attack Hits CrowdStrike npm Packages - Urgent Security Alert

Source: socket.dev - Ongoing Supply Chain Attack Targets CrowdStrike npm Packages A persistent supply chain attack, dubbed the “Shai-Halud” campaign, has escalated with multiple CrowdStrike npm packages now compromised. This campaign, first linked to Tinycolor and over 40 other npm packages, uses malicious code to stealthily seek and steal

Securing Polygon: Essential Risk Guide for PoS & zkEVM Deployments

Securing Polygon: Essential Risk Guide for PoS & zkEVM Deployments

Source: Securing Polygon Deployments: A Guide to Navigating Risk Across PoS and zkEVM Polygon is a cornerstone in Ethereum’s scaling landscape, combining the scalable Polygon PoS chain with the Ethereum-native zkEVM rollup. For developers and project teams operating here, grasping the different security models and governance dynamics is key

SwissBorg Loses $41.5M After Partner’s API Gives Hackers Full Access

SwissBorg Loses $41.5M After Partner’s API Gives Hackers Full Access

Source: SwissBorg REKT Swiss wealth management platform SwissBorg suffered a major security incident when their staking partner, Kiln, inadvertently handed withdrawal keys to hackers, resulting in a $41.5 million loss of SOL tokens. This breach reveals how much risk lies in outsourcing critical custody functions. What Happened? * On September

$10M Reward for Info on Cyberattack Mastermind Behind Global Company Hacks – Ukraine Police

$10M Reward for Info on Cyberattack Mastermind Behind Global Company Hacks – Ukraine Police

Source: cyberpolice.gov.ua Neutralizing a High-Impact Hacker Group On September 11, 2025, Ukrainian law enforcement announced the successful dismantling of a hacker group responsible for deploying ransomware attacks on top global firms. These attacks caused billions in losses worldwide. * Many members arrested, prosecuted, and had assets frozen * One leader

Vulnerabilities in Permissioned Capital Market Smart Contracts: Key Risks and Mitigation Strategies

Vulnerabilities in Permissioned Capital Market Smart Contracts: Key Risks and Mitigation Strategies

Source: Vulnerabilities In Permissioned Capital Market Smart Contract Protocols - Cyfrin Traditional Finance (TradFi) institutions are adopting smart contracts to advance tokenized Real World Assets (RWAs) within regulated, permissioned frameworks called Permissioned Capital Market (PCM) protocols. Unlike DeFi’s open access, PCM protocols restrict participants to known, compliant entities. This

The Great NPM Heist: How a $1,000 Crypto Attack Sparked a Billion-Dollar Panic

The Great NPM Heist: How a $1,000 Crypto Attack Sparked a Billion-Dollar Panic

Source: rekt.news - The Great NPM Heist Supply chain attacks struck the JavaScript ecosystem last week, targeting vital npm packages used by millions worldwide. Core utilities like chalk, debug, and ansi-styles, essential for development from startups to Fortune 500 firms, were compromised with sophisticated crypto-stealing malware. This malware aimed

Nemo Protocol $2.6M Hack: How Flash Loan Flaws and Audit Failures Led to Exploit

Nemo Protocol $2.6M Hack: How Flash Loan Flaws and Audit Failures Led to Exploit

Source: Nemo Security Incident: Cause, Process, and Fund Tracing Report V1.1 On September 7, 2025, the Nemo protocol suffered a major security breach, resulting in a loss of approximately $2.59 million. This document breaks down how the attack occurred, why it wasn’t caught sooner, and steps underway