AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
CNET

Gemini Rolls Out Ask Maps to Make Google Maps More Interactive

The feature allows users to interact conversationally with the app, finding places such as a charging station, or available tennis court.
CoinDesk

Bonk.fun hacked: Domain hijacked, crypto drainer planted

The operator, known as Tom, said only users who signed a fake terms-of-service message on the compromised site after the breach were affected.
Rock Paper Shotgun

Tracking down the Dark Souls 2 hacker who injected me with 500 cursed Black Knight Ultra Greatswords

A dozen hours later in my Dark Souls 2 run, I defeated The Duke's Dear Freja, a giant spider boss possessed by a petrified ...
The Hacker News

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...

How AI may have handed Iran’s proxies a map to US infra

Within hours of US and Israeli strikes hitting Iran on Feb 28, over 50 hacktivist groups aligned with Iranian interests had activated on Te.

Hackers Expose Discord Age Verification System Issue After Persona Frontend Code Left Wide Open

Discord's new age verification system faces scrutiny after hackers expose parts of its code, raising privacy and security concerns.
The Hacker News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain ...