ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories
These articles are AI-generated summaries. Please check the original sources for full details.
ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories
A critical DeFi exploit drained $9 million from Yearn Finance’s yETH pool by exploiting a gas-fee cache flaw. Attackers minted 235 septillion yETH tokens while depositing just 16 wei, highlighting vulnerabilities in DeFi accounting mechanisms.
Why This Matters
The DeFi exploit demonstrates how technical optimizations like gas-fee caching can introduce critical vulnerabilities. The scale of the attack—leveraging a 41-digit token amount—shows that idealized models of secure smart contracts often fail to account for edge cases in resource management, leading to massive financial losses.
Key Insights
- “DeFi exploit draining $9M via gas-fee cache flaw, 2025”
- “BPFDoor malware uses IPv6 and port hopping for stealth, 2025”
- “Fake VS Code extension distributed OctoRAT, 2025”
Practical Applications
- Use Case: DeFi protocols using gas-fee optimizations
- Pitfall: Overlooking cache management leading to exploits
References:
Continue reading
Next article
Veeam and HPE Introduce Updates to Streamline Hybrid Cloud Recovery
Related Content
ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories
This week's ThreatsDay Bulletin highlights a surge in threat actor adaptability, with a WhatsApp hijack campaign exploiting legitimate features and 1,000 exposed MCP servers leaking sensitive data.
ThreatsDay Bulletin: Emerging Cybersecurity Threats and Vulnerabilities in 2025
A comprehensive overview of 2025's critical cybersecurity threats, including DNS poisoning, supply-chain attacks, Rust-based malware, and rising ransomware trends, as detailed in The Hacker News' ThreatsDay bulletin.
ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More
This ThreatsDay Bulletin highlights critical cybersecurity threats, including AI-driven malware analysis, Windows GDI vulnerabilities, global ransomware trends, and emerging attack vectors like fake apps and botnets.