
Crypto Security Report: September 2025
An npm supply chain attack with 2 billion weekly downloads exposed, deepfake voice phishing hitting crypto execs, the Trillion Dollar Security initiative, and more.

An npm supply chain attack with 2 billion weekly downloads exposed, deepfake voice phishing hitting crypto execs, the Trillion Dollar Security initiative, and more.

Over 40 fake Firefox extensions impersonating wallets, a $42 million hack resolved by bounty, zombie dapps rising from the dead, and more.

Featuring North Korean operatives laundering billions through Tron, Interpol's global infostealer takedown netting 32 arrests, the largest-ever pig butchering fund recovery, Taylor Monahan on the CrimeEnjoyor drainer script, and more.

Solana 来了!无论您是 ETH 还是 SOL 的忠实粉丝,小狐狸钱包始终支持您……

Featuring security researcher Nick Franklin exposed as a DPRK operative behind the Radiant Capital hack, Lazarus Group laundering Bybit funds through THORChain, FBI IC3's record crypto fraud report, and more.

Featuring a GitHub Actions attack hitting 23,000 organizations, a RAT targeting 20 Chrome wallet extensions, DPRK Zoom malware, and more.

Featuring the largest hack in crypto history, OCR malware scanning your photo gallery for seed phrases, FBI saving thousands from pig butchering, and more.

Featuring the Lazarus Group's suspected Phemex exchange heist, AdsPower's wallet extension swap attack, AmosStealer malware via fake Homebrew Google Ads, DPRK's Contagious Interview campaign deploying BeaverTail, and more.

Featuring Luker's Devcon SEA talk on social engineering scams, same-origin realms for browser extension security, the Ethereum Protocol Attackathon's $1.5 million reward pool, a $2.2 million WallStreetBets X account hack on Solana, and more.

Featuring a scammer-baiting granny, LavaMoat's GitNation demo isolating malicious npm packages, the SEAL Wargames drill template, The Red Guild's Phishing Dojo, Microsoft's CYBERWARCON exposé on North Korean cyber capabilities, and more..