SlowMist CISO @im23pds tweeted to alert ChromeV8 engine vulnerability CVE-2025-6554 allows attackers to run malicious code through carefully constructed web pages. At present, the relevant exploit PoC has been made public and is being exploited. Users need to pay attention to upgrades to avoid asset loss due to phishing attacks.
CoinMarketCap said in a post on the X platform that it has identified and removed malicious code from the website, and the team is continuing to investigate and take measures to enhance security. Previously, the front end of CoinMarketCap was attacked, and a malicious pop-up window prompting users to "verify wallet" appeared on the website. CoinMarketCap then tweeted that it had identified and removed the malicious code on the website, and all systems had returned to normal, but the tweet was de...
On April 28th, according to a member of the crypto community Cat (@0xCat_Crypto), a Web3 startup project was transferred hundreds of thousands of USDT due to the inclusion of hardcoding authorized wallet addresses in the smart contract code. In the incident, an employee submitted suspicious contract code, but the employee denied writing the relevant code, saying that the malicious code was automatically generated by the artificial intelligence programming assistant and had not been fully reviewe...