AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
Crypto Briefing

Zerion API now supports x402 payments on Base

Zerion API integrated the x402 protocol. Any AI agent with a crypto wallet can now make an API call, pay 0.01 USDC on Base, and get back structured wallet data: portfolio balances, DeFi positions, ...
Decrypt

Fake FBI Crypto Tokens Are Being Used to Threaten Tron Users, Authorities Warn

The FBI warned of a new threat emerging on Tron’s network, with users receiving tokens that aren’t actually from federal law enforcement.

Hackers exploit OpenClaw hype on GitHub to steal crypto funds

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
Decrypt

OpenClaw Developers Lured in GitHub Phishing Campaign Targeting Crypto Wallets

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...
Dark Reading

C2 Implant 'SnappyClient' Targets Crypto Wallets

In addition to enabling remote access, the malware supports a wide range of capabilities including data theft and spying.