Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Latest News

CLARITY Act Explained: How the 2025 U.S. Crypto Bill Ends a Decade of Regulatory Chaos

  For over a decade, the U.S. cryptocurrency industry has faced crippling regulatory uncertainty, with the SEC and CFTC locked in a bureaucr...

All the recent news you need to know
Digital Token
cryptocurrency Cryptocurrency Cybersecurity Cyber Networks Cyber Security Cyber Vulnerabilities Digital Token

MAPO Token Crashes 96% After Cross-Chain Bridge Exploit Triggers Massive Unauthorized Mint

 

A major shock hit cryptocurrency markets when the MAPO token crashed nearly 96% after a vulnerability in the Butter Network cross-chain bridge was exploited. The attacker created an enormous number of unauthorized tokens, flooding the market with supply far beyond legitimate circulation. 

The sudden imbalance disrupted trading across Ethereum-linked decentralized finance platforms and triggered widespread panic selling. Blockchain security researchers found that the flaw allowed the creation of one quadrillion MAPO tokens, vastly exceeding the project’s intended supply. Investors reacted quickly, dumping holdings as confidence collapsed. 

Within hours, the token’s value fell from nearly $0.003 to around $0.0001, wiping out significant market value and damaging trust in the ecosystem. The attack centered on Butter Network bridge infrastructure. Investigators reported that a newly created external wallet was used to move roughly one billion MAPO tokens into decentralized exchanges. 

During the exploit, nearly 52 ETH, worth about $180,000 at the time, was drained from Uniswap liquidity pools. Analysts traced the activity back to the bridge vulnerability and the attacker’s newly established account. Although a large portion of the unauthorized tokens was sold, researchers noted that the attacker still controlled nearly a trillion MAPO tokens. 

Those remaining holdings continue to threaten liquidity pools and exchanges supporting the token. The incident once again highlights the security challenges facing cross-chain bridges, which remain attractive targets because of their complexity and large asset reserves. The exploit adds to a growing list of attacks affecting blockchain and decentralized finance projects.

Security experts have repeatedly warned that systems connecting multiple networks create additional risks. Vulnerabilities within cross-chain infrastructure can remain hidden until specific conditions trigger them, making these platforms particularly difficult to secure. Following the breach, Map Protocol confirmed that the issue originated within its Solidity-based smart contracts. 

The project temporarily paused mainnet operations and began migration efforts while the investigation continued. Butter Network also suspended ButterSwap services as a precaution, though officials stated that user funds were not directly compromised. The team later announced plans for a new contract deployment and a snapshot of token holdings to support recovery efforts. 

Any assets remaining in attacker-controlled wallets will be invalidated and excluded from future migration or conversion processes. Blockchain records showed that nearly one billion MAPO tokens were transferred to Uniswap shortly after the unauthorized minting occurred. Further analysis revealed that the attacker first submitted a legitimate oracle multisignature message before deploying a malicious smart contract at a carefully selected address. 

A manipulated retry message was then resent with the same transaction hash, making it appear authentic. Because the bridge incorrectly validated the altered message, it approved the creation of the massive token supply. Researchers emphasized that no private keys were stolen and no light-client systems were compromised. 
Instead, the breach resulted from a smart contract validation flaw involving dynamic fields in Solidity code. 
The incident demonstrates how weaknesses in contract logic can create severe consequences, putting liquidity ecosystems, blockchain projects, and investor funds at risk even without traditional network-level compromises.
Read more »
YouTube
Cloud Data Instagram Meta Roblox Technology TikTok YouTube

Media Regulators Call Out Youtube, TikTok for Ignoring Child Safety

Media Regulators Call Out Youtube, TikTok for Ignoring Child Safety

According to a report by Ofcom, YouTube and TikTok have failed to implement steps to safeguard British children from harmful online content. Data suggests widespread exposure to underage kids on these platforms. 

TikTok, YouTube ignoring child safety

Ofcom media regulators said none of the company made any serious efforts to make recommendations feeds/explore pages safer, despite proof that these platforms are the main entry point through which underage kids face harm. 

Platforms not safe enough

Ofcom said the platforms are “not safe enough”. The report comes after Ofcom’s call for stricter action on children’s online safety, saying Roblox, meta, and Snap had each complied to stronger anti-grooming actions.

TikTok said it was quite disappointing that Ofcom didn’t acknowledge its safety measures, whereas Youtube said it worked with child safety researchers to give industry grade, age-appropriate experiences for children. 

About the Ofcom report

Ofcom’s latest report explains how five large social media and video platforms responded to its call for safety measures. The report said that, "Notably, TikTok and YouTube failed to commit to any significant changes to reduce harmful content being served to children, maintaining their feeds are already safe for children.” Ofcom added, "Our wealth of evidence, published today, suggests they are still not safe enough."

What did YouTube and TikTok say?

Responding to the criticism, YouTube and TikTok said that safety measures already existed. YouTube’s short-form video timer allowed parents to control scrolling time for Shorts feed, whereas TikTok stopped direct messaging (DM) for under-16 children.

Governments have taken measures to address online child safety. UK PM Keir Starmer has urged social media platforms to take greater responsibility. Britain is discussing tighter restrictions, this includes a potential ban on under-16 children that use social media, inspired from Australia's landmark decision that tackled addictive design features. 

According to social media analyst Matt Navarra, the report has shown a shift in how we perceive online harm as a “product problem.” Earlier, the debate was, “did the platform remove harmful content quickly enough?' - the new one has shifted towards, 'why did the platform show it to a child in the first place?”

What does the data say?

Ofcom reported that 73% of 11-17 year olds were exposed to malicious content for four weeks, primarily through recommendation feeds. TikTok was the most cited, followed by YouTube, Instagram and Snapchat. Experts stress that YouTube and TikTok said their existing platforms were adequate, but media regulators have found their feeds to be unsafe.

Read more »
Technology
Access control AI Layoffs cybersecurity risks Data Exposure Environment Variables Insider Threats Software Security Source Code Security Tech Industry Trends Technology

Bengaluru Developer’s Viral AI Tool Shows the Power of One Click Decisions


 

As artificial intelligence continues to transform software development workflows and corporate staffing strategies, discussions regarding automation-driven job displacement have gained increasing prominence across the technology sector. Against this backdrop, a Bengaluru software engineer has captured widespread attention online with a satirical hardware project combining workplace anxiety with developer joking. 

Designed as a "I GOT FIRED" emergency button, the device humorously claims to initiate a series of catastrophic actions, including exposing source code repositories and publishing sensitive environment variables. As a technical themed commentary on modern tech culture and the uneasy relationship between AI, employment, and corporate trust, the book transforms a growing industry concern into a commentary on this growing industry concern. 

The project was presented with the intention of responding humorously to the growing discussion regarding AI-driven layoffs and shrinking engineering teams, as a response to workplace uncertainty. 

In an interview with Pankaj Tanwar, a software engineer who is popular online as @the2ndfloorguy, Pankaj Tanwar described the device as a "I GOT FIRED" button capable of initiating a fictional chain of retaliatory actions upon pressing. 

Using the satirical scenario described in his post, this button would publish a company's codebase, store sensitive .env configuration secrets, delete the staging database, and notify his lawyer. There is a compact programmable keypad attached to his laptop that has labels, including "Gaslight Them," "Decode Corporate BS," and a prominent red button that reads "I Got Fired.". 

On-screen notifications, emphasizing the joke's technical undertones, displayed messages claiming environment secrets had been released to the public and that the user was "out of office." It was evident that the post was intended as developer satire rather than a functional cyber sabotage tool, however it received widespread attention on social media, generating a mix of amusement, curiosity and debate from technology professionals who appreciated the humour and frustrations embedded within it. 

Besides its novelty, the rapid spread of the post was mainly driven by its author's reputation as a Bengaluru-based developer known for designing unconventional technology projects combining engineering concepts with internet humour. Many members of the software community, however, were particularly affected by this satire in this instance. 

The button was described as a fictional last-resort mechanism that could launch a cascade of catastrophic actions as a response to mounting concerns about the reduction of workforce through automation. It can expose proprietary code, expose sensitive environment variables, delete a staging database and alert legal counsel to a multitude of catastrophic events.

Using a compact programmable keypad alongside a laptop that was running a workflow ominously titled "I Got Fired," the accompanying images enhanced the dramatic narrative by creating the visual impression of an emergency shutoff switch for developers. Despite the obvious exaggeration in the scenario for comedic effect, the post was resonating because it expressed familiar industry anxieties in a technically recognisable manner. 

The responses varied from users asking for information about similar programmable keys available in India to others imagining humorous scenarios driven by artificial intelligence in which a decision-making system would determine whether to press a button. 

The project has been dismissed by critics as nothing more than engagement bait, while others have pointed out that any attempt to carry out the actions outlined would come with severe legal and professional consequences. There was some lighthearted joke that activating the switch would result in a salary being traded for prison accommodation, with some comparing the concept to a developer-oriented “dead man’s switch.”

The joke revealed a deeper sentiment, though, beneath the humour. It resonated with many technology professionals as it reflected a common concern about employees feeling replaceable amid continuous restructuring, automation initiatives, and artificial intelligence-driven efficiency initiatives. Therefore, the device functioned less as a fictional tool and more as a satirical tool for discussing the industry’s growing concerns about job security, workplace pressure and the future role of human talent in software development. Its popularity underscores a broader reality faced by today's technological workforce despite its intended purpose as satire. 

Not only did the joke resonate due to the fictional cyber sabotage it portrayed, but it also tapped into a genuine concern regarding automation, organisational restructuring, and employee uncertainty. From a cybersecurity perspective, the scenario also reminds us the importance of strong access controls, credential management, insider risk monitoring, and clearly defined offboarding processes. 

AI is reshaping the workplace, so organizations will need to maintain a balance between technological efficiency and transparency, trust and workforce resilience to ensure innovation does not undermine security and culture, but rather strengthens it instead of becoming a source of anxiety for employees.
Read more »
Software security
AI GitHub Global Supply-Chain Attack malware Software security

TeamPCP’s Supply Chain Campaign Raises Fresh Concerns Over Open-Source Software Security

 



A cybercrime group known as TeamPCP has been linked to an expanding series of software supply chain attacks that researchers say have affected hundreds of organizations, with GitHub becoming the latest high-profile name connected to the campaign.

GitHub recently disclosed that it had identified thousands of repositories impacted after a developer reportedly installed a compromised extension for Visual Studio Code (VSCode), Microsoft's widely used source-code editor. TeamPCP later claimed on the cybercrime forum BreachForums that it had gained access to roughly 4,000 GitHub repositories and attempted to advertise what it described as GitHub source code and internal organizational data for sale. GitHub stated that it had identified at least 3,800 affected repositories but said its investigation indicated the exposed repositories contained the company's own code rather than customer code.

The incident highlights the growing danger of software supply chain attacks. Unlike traditional intrusions that target a company directly, these operations focus on software that developers trust and use every day. By secretly inserting malicious code into legitimate tools, attackers can potentially reach thousands of downstream users through a single compromise.

Security researchers tracking TeamPCP believe the group has transformed what was once considered an occasional cybersecurity threat into a recurring problem. According to software supply chain security firm Socket, the group has launched around 20 separate attack waves in recent months, embedding malicious code into more than 500 unique software projects. When different compromised versions are counted, that number rises to well over a thousand malicious releases.

Researchers say the group's success stems from a self-reinforcing attack cycle. TeamPCP typically begins by compromising a development environment associated with an open-source project. Malware is then inserted into software packages that are downloaded by other developers. Once installed, the malicious code can steal credentials, authentication tokens, and publishing permissions, allowing attackers to compromise additional software projects and continue spreading through the development ecosystem.

Recent investigations indicate that TeamPCP has increasingly automated this process through a worm known as Mini Shai-Hulud. The malware has been observed creating GitHub repositories containing encrypted credentials stolen from victims while leaving references to Frank Herbert's science-fiction universe Dune. Researchers note that although the name resembles an earlier worm called Shai-Hulud, there is currently no evidence linking TeamPCP to that previous campaign.

GitHub is not the only organization mentioned in connection with the operation. Researchers have previously linked TeamPCP activity to incidents involving OpenAI, Mercor, and several widely used software development projects. During a major expansion of its campaign earlier this year, the group reportedly compromised software and infrastructure associated with Trivy, LiteLLM, Checkmarx, pgserve, TanStack, and Mistral AI. The stolen credentials obtained through those attacks were allegedly used to fuel further compromises.

Security analysts describe credential theft as the group's primary enabler. Long-lived access tokens and poorly managed credentials allow attackers to move from one environment to another with relatively little effort. According to researchers, once a single trusted credential is stolen, it can provide access to additional repositories, cloud resources, and development systems.

The group's activities have also evolved beyond software tampering. Threat intelligence researchers report that TeamPCP has engaged in ransomware deployment, data extortion, and data-sale operations. In April, the group reportedly began adopting elements of a ransomware-as-a-service model through associations with cybercriminal platforms such as BreachForums and DragonForce. Researchers have additionally observed activity involving CanisterWorm, malware that targeted Kubernetes environments and reportedly deployed destructive functionality against selected Iranian targets.

The scale of the campaign has renewed debate over how organizations should safely consume open-source software. Experts recommend strengthening credential management practices, regularly rotating access tokens, limiting permissions wherever possible, and closely monitoring software dependencies. They also advise organizations to avoid automatically installing newly released software updates without first validating their integrity. In some recent cases, security teams detected malicious updates within minutes, but users who relied on automatic updates had already installed the compromised code.

The bigger lesson, researchers say, is that trust alone is no longer sufficient in modern software development. Open-source software remains a cornerstone of the global technology ecosystem, but organizations increasingly need verification processes, update review procedures, and continuous monitoring to reduce the risk posed by rapidly spreading supply chain attacks.

Read more »
enterprise cybersecurity
Accenture AI technology AWS Cyber Advancements Cyber Protection Cyber Security enterprise cybersecurity

UK Post Office Awards £410 Million Contracts to Replace Horizon System After Long-Running Scandal

 

Now beginning its largest tech overhaul yet, the UK Post Office handed out £410 million in contracts to Accenture and OneView Commerce. This shift follows years of public scrutiny tied to the flawed Horizon system. Known for fueling a historic wave of wrongful convictions, that earlier platform is being phased out slowly. Instead of repeating past mistakes, officials are betting on updated tools built for accuracy. Behind the scenes, work has already started on untangling old code. What comes next will depend heavily on how well new systems adapt under real conditions.

Taking charge under fresh contracts, Accenture steps into managing and shifting the Post Office’s current tech setup. Worth £269 million across half a decade, the deal includes room to stretch further by another pair of years if needed. Out goes Fujitsu - the firm behind the original 1990s build of Horizon, the system handling sales and money tracking at counters. Instead comes a push led by Accenture: keeping daily operations steady while refreshing essential programs, guiding change toward modern cloud-based systems within an overall plan to renew outdated digital tools. 

Now beginning, OneView Commerce wins a distinct deal worth £141 million to build a fresh tech foundation for retail operations. This setup runs through the cloud, aiming to refresh daily functions inside Post Office locations. Electronic cash handling, portable access points, interactive client systems, data insights, along with stand-alone service stations form part of the rollout. Running within AWS or an equivalent online infrastructure ensures flexibility. Custom adjustments fit specific workflow demands across different sites. Years of dispute preceded the removal of Horizon.

Launched in 1999, it managed money tasks in Post Office locations nationwide. Faults within the program created incorrect account balances. These flawed reports triggered accusations against numerous branch managers - many charged with stealing, dishonest recordkeeping, or deceit. From 1999 until 2015, roughly 736 people faced unjust legal actions due to data flaws in the technology. Lives unraveled as a result: savings vanished, reputations damaged, mental health weakened. 

Still ongoing, a public investigation begun in 2021 examines how the scandal unfolded. By 2025, results showed top figures at the Post Office, together with staff from Fujitsu and earlier ICL, were aware - or ought to have been - of flaws in Horizon causing faulty financial records. Lives shattered under pressure; suicides occurred, tied directly to legal actions and what followed after. What emerged was not just system failure but personal tragedy etched into official findings. 

Come May 2025, the Post Office dropped its plan to build a new system on its own. Instead, it opened up bidding to outside firms. Winning proposals came from Accenture and OneView Commerce. Firms like IBM and Escher Software also submitted bids during the selection round. Now comes a shift - fresh agreements signal serious commitment, not just to upgrade tools but to restore confidence across the Post Office network.

Instead of clinging to outdated setups, leaders choose next-generation cloud solutions to replace the long-troubled Horizon infrastructure. This time around, progress means fewer breakdowns, smoother daily operations. Past mistakes weigh heavily; avoiding them shapes every decision going forward.
Read more »
TanStack
Cyber Attacks GitHub Report Breach Supply Chain Attack TanStack

GitHub Repo Breach Traced to TanStack NPM Supply-Chain Attack

 

GitHub has confirmed that a breach of its internal repositories is directly linked to the TanStack npm supply-chain attack, demonstrating how a single compromised developer tool can cascade into a major security incident. The company stated that the intrusion began when an employee installed a malicious version of the Nx Console Visual Studio Code extension, which had been poisoned during the wider TanStack compromise. This attack chain allowed threat actors to gain initial access to GitHub's internal infrastructure, ultimately exposing approximately 3,800 internal repositories to unauthorized access. 

The original TanStack attack occurred on May 11, 2026, when the TeamPCP threat group compromised 42 npm packages and published 84 malicious versions in just six minutes. The attackers exploited a sophisticated combination of GitHub Actions vulnerabilities, including a "Pwn Request" attack using pull_request_target abuse, cache poisoning across fork-to-base trust boundaries, and OIDC token extraction from runner memory. This technique produced the first npm supply-chain attack with valid SLSA Build Level 3 attestations, making the malicious packages appear completely legitimate to security scanners and developers. 

The malicious Nx Console extension version 18.95.0 was available on the Visual Studio Marketplace for approximately 18 minutes and on OpenVSX for another 36 minutes before being removed. Despite the short window, the poisoned extension deployed a payload designed to steal credentials and secrets from developer environments, targeting npm, AWS, Kubernetes, GitHub, GCP, and Docker platforms. The Nx development team confirmed that one of their developers was compromised through the TanStack supply-chain leak, which exposed GitHub credentials through the GitHub CLI, allowing attackers to run workflows on their repository as a contributor. 

GitHub's Chief Information Security Officer Alexis Wales confirmed that the company secured the compromised device and rotated critical secrets, prioritizing the highest-impact credentials first. While GitHub has not officially attributed the attack to a specific group, TeamPCP claimed access to GitHub source code and approximately 4,000 repositories of private code on the Breached forum, demanding at least $50,000 for the stolen data. The incident also affected other organizations, including UiPath, Guardrails AI, OpenSearch, and Grafana Labs, which confirmed its GitHub environment breach originated from the same TanStack attack. 

This incident highlights the severe risks of modern software supply chains, where one compromised dependency can ripple across thousands of developers and organizations faster than security teams can respond. The attack demonstrates that even organizations with strong security practices, including two-factor authentication, remain vulnerable to sophisticated supply-chain attacks that exploit trust relationships between packages, build tools, and automated workflows. Developers and security teams must now prioritize hardening CI/CD pipelines,Token rotation, extension verification, and continuous monitoring of package updates as potential attack vectors.
Read more »
Subscribe to: Posts (Atom)

Featured