Author: Harish
Nothing in common but a token crash
The recent collapse of the Mantra (OM) token triggered comparisons to the infamous Terra ecosystem crash in May 2022, with some commentators referring to Mantra as the “next Terra.” Still, many in the community argue that the two projects share nothing in common besides visual similarities in price charts. “While it’s tempting to draw parallels between OM’s recent crash and the Terra Luna collapse, they’re fundamentally very different events,” said Ben Yorke, vice president of ecosystem at the decentralized finance (DeFi) project Woo, in a statement to Cointelegraph. Alexis Sirkia, chairman of the DeFi infrastructure project Yellow Network, agreed. “There are no…
The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. “Threat actors are increasingly using open source tools in their arsenals for cost-effectiveness and obfuscation to save money and, in this case, plausibly blend in with the pool of non-state-sponsored and often less technical adversaries (e.g., script kiddies), thereby making attribution even more difficult,” Sysdig researcher Alessandra Rizzo said in a report shared with The Hacker News. “This seems to hold especially true for this…
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence
Apr 15, 2025 | Ravie Lakshmanan | Vulnerability / Software Security
A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a password change. The flaw, assigned the CVE identifier CVE-2025-24859, carries a CVSS score of 10.0, indicating maximum severity. It affects all versions of Roller up to and including 6.1.4. “A session management vulnerability exists in Apache Roller before version 6.1.5 where active user sessions are not properly invalidated after password changes,” the project maintainers said in an advisory. “When a user’s password is changed, either…
Apr 15, 2025 | The Hacker News | Data Privacy / Enterprise Security
Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t know is that browser extensions’ excessive permissions are a growing risk to organizations. LayerX today announced the release of the Enterprise Browser Extension Security Report 2025. This report is the first and only report to merge public extension marketplace statistics with real-world enterprise usage telemetry. By doing so, it sheds light on one of the most underestimated threat surfaces in modern cybersecurity: browser extensions. The report…
Decentralized exchange (DEX) KiloEx has offered the hacker who exploited $7.5 million in crypto from its platform a 10% white hat bounty. On April 15, KiloEx posted an offer directed to the hacker who stole millions from the DEX. KiloEx said it had worked with law enforcement, cybersecurity agencies and exchanges to uncover information about the hacker’s activities. The DEX also shared wallet addresses linked to the hackers that the DeFi platform and other organizations are actively monitoring. KiloEx said they were prepared to freeze the stolen funds. However, the DEX offered the hacker $750,000 in exchange for returning 90% of the…
Key takeaways
Pi coin finally went live on open mainnet in February 2025, unlocking real-world use cases after years in closed beta.
You can spend Pi coin, but mostly within P2P communities and KYC-verified Pi apps — mainstream adoption is still in its early stages.
Pi is now tradable on several CEXs, such as OKX, Bitget and MEXC, but Binance still hasn’t listed it despite 2 million+ user voters lobbying for the listing.
Merchant adoption is growing slowly, with real goods and services being exchanged for Pi in localized markets and app-based ecosystems.
Often described as a crypto for the people, Pi is a decentralized…
Major Web3 ecosystems organize gatherings around the world to ensure that market dips or macroeconomic crises do not hinder the development and the “BUIDL” philosophy of the blockchain community. Two back-to-back events in Hong Kong — the BNB Chain Super Meetup and the exclusive Most Valuable Builder (MVB) Season 9 Offsite — brought together some of the brightest minds in the blockchain space. Leaders like Binance founder Changpeng “CZ” Zhao, Ethereum’s Vitalik Buterin, Tron’s Justin Sun and other key figures joined to share insights on where Web3 is headed. Hosted during the Hong Kong Web3 Festival on April 5 and 6,…
In the wake of criticism over the underwhelming performance of its AI products, especially in areas like notification summaries, Apple on Monday detailed how it is trying to improve its AI models by analyzing user data privately with the aid of synthetic data. Using an approach called “differential privacy,” the company said it would first generate synthetic data and then poll users’ devices (provided they’ve opted in to share device analytics with Apple) with snippets of the generated synthetic data to compare how accurate its models are, and subsequently improve them. “Synthetic data are created to mimic the format and important…
Update April 15, 9:17 am in UTC: This article has been updated with information throughout.
Binance, KuCoin, MEXC and other exchanges and wallet providers have been experiencing service issues due to a significant network interruption by Amazon Web Services (AWS). Centralized cryptocurrency exchanges (CEXs) were hit by an AWS data center outage, which reported “connectivity issues” that affected at least 12 of its services on April 15.
AWS Service health. Source: Health.aws.amazon
“We are seeing initial signs of recovery but continue to monitor and work toward full recovery. Other AWS services are also impacted by this issue, and are also observing recovery. We will…
Update (April 15, 10:47 am UTC): This article has been updated with comments from Marianas Rai Corp. co-founder Vin Armani.
The governor of the Northern Mariana Islands, a small Pacific US territory just north of Guam, has killed the legislation that would have allowed one of the territory’s local governments to launch a fully backed US dollar-pegged stablecoin. In an April 11 letter seen by Cointelegraph, Northern Mariana Islands Governor Arnold Palacios said he vetoed the bill as it “presents several legal issues and may be unconstitutional.” Palacios’ letter said the bill, which largely dealt with issuing licenses to internet casinos, would regulate…