KeePass 2.54 patches a vulnerability allowing attackers to retrieve the cleartext master password from a memory dump.
The post KeePass Update Patches Vulnerability Exposing Master Password appeared first on SecurityWeek.
The all in one place for non-profit security aid.
KeePass 2.54 patches a vulnerability allowing attackers to retrieve the cleartext master password from a memory dump.
The post KeePass Update Patches Vulnerability Exposing Master Password appeared first on SecurityWeek.
Australian Defence Force Private and Husband Charged with Espionage for Russia
Two Russian-born Australian citizens have been arrested and charged in the country for spying on behalf of Russia as part of a “complex” law enforcement operation codenamed BURGAZADA.
This includes a 40-year-old woman, an Australian Defence Force (ADF) Army Private, and her husband, a 62-year-old self-employed laborer. Media reports have identified them as Kira Korolev and Igor Korolev, Read More
ClearFake Campaign Expands to Target Mac Systems with Atomic Stealer
The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake.
"This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only in terms of geolocation but also operating system," Malwarebytes’ Jérôme Segura said in a Tuesday analysis.
Atomic Read More
The Hacker News | #1 Trusted Cybersecurity News Site
Nasdaq’s Official X Account Hacked to Promote Fraudulent Memecoin
In a startling security breach, hackers have taken control of Nasdaq’s official X account to promote a fake memecoin, leading to a significant, albeit temporary, surge in the token’s value. The incident, which unfolded overnight on January 22, 2025, PST, brought to light the vulnerabilities even major institutions face on social media platforms.
The hackers utilized the compromised account to endorse a token named “STONKS,” falsely positioning it as an affiliate project of Nasdaq.
The memecoin, which was essentially a clone of an existing token in the Solana ecosystem, saw its market cap skyrocket to $80 million within hours due to the deceptive endorsement.
However, the value crashed just as quickly once the fraudulent activity was recognized and actions were taken to mitigate the scam’s impact.
According to reports, the attackers created a fake X account, presenting it as a partner to Nasdaq, and retweeted posts about the STONKS token from the official Nasdaq account.
One user’s frustration was palpable, stating, “I just lost $200,000 because of NASDAQ. I will be contacting my lawyer tomorrow about NASDAQ X account being hacked. The hack occurred longer than 30 minutes on their account without any apologies or mention of them being hacked.
Ca
6NcdiK8B5KK2DzKvzvCfqi8EHaEqu48fyEzC8Mm9pump
I just lost $200,000 because of NASDAQ
I will be contacting my lawyer tomorrow about NASDAQ X account being hacked. The hack occurred longer than 30 minutes on their account without… pic.twitter.com/sspYhUwhGu
— Crypto Gem Alert
![]()
(@thefoxarmyraid) January 23, 2025
Posts found on X have expressed concern over the increasing rate at which big companies’ accounts are being hacked, with many users highlighting the alarming trend of using these breaches to promote scams.
The incident has sparked discussions on the platform about the need for better cybersecurity practices for both individuals and corporations.
Hackers took over Nasdaq’s X account and the late John McAfee’s profile to shill questionable meme tokens.
![]()
Nasdaq hyped a scam token called STONKS, which hit a $80M market cap before crashing.
McAfee’s account pushed an AI token, AIntivirus, reaching $70M market… pic.twitter.com/fgg4ptUtyc
— TradeDucky (@tradeducky) January 23, 2025
@Nasdaq is capable of being hacked easily and they have too much liabilities. We need somebody fired or we need some answers NASDAQ.”
This sophisticated scam leveraged Nasdaq’s reputation to draw in unsuspecting investors, underlining the dangers of social media manipulation in the cryptocurrency space.
This incident adds to a growing list of high-profile hacks aimed at promoting scam cryptocurrencies.
Recent months have seen similar attacks on celebrities like Drake, Wiz Khalifa, and even organizations such as the Cardano Foundation, where hackers have used the accounts to push fraudulent tokens.
These breaches highlight a persistent security issue on X, where accounts can still be compromised even with robust authentication measures in place.
Nasdaq has since regained control of its account, deleting all fraudulent posts and suspending the associated fake profiles.
The exchange has not yet released an official statement regarding how the hackers breached their account’s security, but there is an ongoing call for enhanced security protocols, including stronger two-factor authentication (2FA) and continuous account monitoring.
Posts found on X have expressed concern over the increasing rate at which big companies’ accounts are being hacked, with many users highlighting the alarming trend of using these breaches to promote scams.
The incident has sparked discussions on the platform about better cybersecurity practices for individuals and corporations.
This event is a stark reminder of the importance of vigilance in the digital age, especially in the volatile world of cryptocurrency. Investors are urged to verify sources independently and be cautious of endorsements, even from seemingly credible accounts.
The crypto community continues to advocate for education on recognizing and avoiding such scams, emphasizing due diligence before engaging with any new token or investment opportunity.
As the investigation into this hack continues, the cryptocurrency and tech sectors will likely see an uptick in security measures to prevent similar incidents.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
The post Nasdaq’s Official X Account Hacked to Promote Fraudulent Memecoin appeared first on Cyber Security News.