NIST has revamped its CVE framework to prioritize high-impact vulnerabilities, aiming to improve software security. The new approach emphasizes faster remediation of critical flaws, guiding cybersecurity efforts to focus on the most dangerous software vulnerabilities and reduce exploitation risks.
Chainalysis analyzed the 'Shadow Crypto Economy' as Grinex suspends operations. Fund movements suggest suspicious activity, raising questions about whether it was an external hack or other factors, highlighting ongoing laundering concerns.
Circle defended its decision not to freeze $280M in funds from the Drift hack, warning that unilateral freezes could trigger a domino effect across DEXs, bridges, and wallets, raising concerns over security and trust in DeFi.
Rhea Finance reports $18.4 million in exploit losses, more than double initial estimates, after an attacker used a 'deliberately constructed swap route' to open numerous margin trading positions, highlighting ongoing DeFi security risks.
NIST's decision to reduce CVE data enrichment has impacted cybersecurity teams, prompting industry coalitions to step in and help fill the gap. The change affects vulnerability management, requiring new strategies to address high-impact software flaws and maintain cybersecurity resilience.
Rhea Finance reports an $18.4M exploit caused by a slippage flaw, with some funds recovered. The incident highlights ongoing security risks in DeFi platforms and the importance of safeguarding user assets.
Payouts King ransomware now uses QEMU virtual machines to evade endpoint security by establishing reverse SSH backdoors. This technique allows the malware to run hidden VMs on infected systems, bypassing detection. Security researchers warn that this method complicates mitigation efforts and highlights evolving ransomware tactics.
