Stolen and leaked credentials lead to Node.js packages from AsyncAPI and Jscrambler Code Integrity being poisoned with ...
A hacker used Ostium's own price-reporting infrastructure against the protocol, submitting falsified future-dated oracle data to manufacture fake trading profits and trigger an $18 million payout.
Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that ...
Cursor AI code editor faces unpatched vulnerability enabling code execution, adding to a string of critical RCE flaws ...
An unpatched vulnerability in Cursor on Windows could allow attackers to achieve code execution via malicious repositories.
Ostium DEX drained $18M USDC via compromised oracle key on Arbitrum. Attacker used future-dated prices to loop profitable trades and empty vault. Major RWA perp protocol hit despite $27.8M funding ...