Supply-chain attack
Daemon Tools, a popular disk image mounting app, was compromised in a supply-chain attack starting April 8, delivering malware through official updates. Security firm Kaspersky reported infections on thousands of machines across over 100 countries. Users are urged to scan their systems immediately.
由 AI 报道
Trust Wallet has linked a second Shai-Hulud supply-chain attack to a hack on its Chrome extension, resulting in the theft of about $8.5 million in cryptocurrency. The incident involved a malicious version of the extension that exfiltrated users' sensitive wallet data. The company rolled back the compromised software and committed to reimbursing affected users.