According to OpenSourceMalware research, North Korean hacking group Lazarus has hidden second-stage malware loaders in Git Hooks pre-commit scripts during targeted attacks on developers, a report revealed on May 9. The group uses a technique called “Contagious Interview” to lure developers into cloning malicious code repositories by posing as cryptocurrency and DeFi companies conducting recruitment. The attacks aim to steal crypto assets and credentials from affected developers.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
LayerZero issues an apology and admits a design flaw in its 1/1 DVN configuration: default to a full upgrade to 5/5
Cross-chain protocol LayerZero issued a public apology on May 9 (U.S. time), acknowledging a design flaw in the Kelp DAO hacker incident. CoinDesk, citing LayerZero’s official blog, wrote: “First things first: a belated apology. We allowed DVN to operate in 1/1 mode for high-value transactions—this is a mistake.” The position shifted from prior weeks’ accusations about “Kelp’s own configuration choices” to taking responsibility at the infrastructure layer itself. The attitude reversal occurred t
ChainNewsAbmedia6h ago
Crypto Wrench Attacks Surge 41% in 2026, With $101M Lost in First Four Months: CertiK
According to CertiK, cryptocurrency holders lost approximately $101 million from wrench attacks in the first four months of 2026, with 34 verified incidents globally—a 41% increase from the same period in 2025. If the trend continues, the firm estimates hundreds of millions in losses for the full
GateNews8h ago
LayerZero Issues Public Apology for Kelp DAO Exploit, Admits Single-Verifier Setup Fault
According to The Block, LayerZero issued a public apology Friday for its handling of the April 18 exploit that drained $292 million in rsETH from Kelp DAO's cross-chain bridge. The protocol acknowledged it made a mistake by allowing its Decentralized Verifier Network to serve as the sole verifier fo
GateNews13h ago
Crypto Wrench Attacks Rise 41% in 2026, Targeting Family Members
Crypto security firm CertiK estimates that cryptocurrency holders lost approximately $101 million from wrench attacks during the first four months of 2026, representing a 41% increase in verified incidents compared to the same period in 2025. If the trend continues at this rate, losses could reach s
CryptoFrontier14h ago
Linux "Copy Fail" Vulnerability Listed by CISA; 10-Line Code Enables Root Privilege Escalation
According to BlockBeats, on May 9, the Linux kernel "Copy Fail" vulnerability was added to CISA's Known Exploited Vulnerabilities (KEV) catalog. The flaw affects major Linux distributions since 2017 and allows attackers with regular user permissions to escalate to root access using
GateNews15h ago
Chrome Automatically Downloads Multi-Gigabyte Gemini Nano AI Model on May 9, Sparks Crypto Community Security Concerns
According to BlockBeats, on May 9, Chrome automatically downloaded a multi-gigabyte AI model file (Gemini Nano) to users' devices without explicit consent for local fraud detection, webpage summarization, and AI features.
While Google stated that local AI execution enhances privacy and security,
GateNews15h ago
