Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets. Hackers have only managed to steal $50 worth of crypto from a massive supply chain hack affecting JavaScript software libraries, industry security researchers say. Crypto intelligence platform Security Alliance shared the findings on Monday after hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries that have already been downloaded over 1 billion times, potentially putting countless crypto projects at risk. Ethereum and Solana wallets were specifically targeted, Security Alliance said. Fortunately, less than $50 has been stolen from the crypto space so far, the security firm said, identifying Ethereum wallet address “0xFc4a48” as what it believes to be the only malicious address so far. It added on X: The $50 figure was, however, bumped up from five cent...
The USDm stablecoin, built with Ethena and backed by tokenized treasuries, will use its yield to subsidize Ethereum sequencer fees. MegaETH, an Ethereum layer-2 protocol backed by Vitalik Buterin, announced the upcoming launch of a yield-bearing stablecoin that might give it a different business model than traditional L2s, which drive revenue through transaction fees. The stablecoin, USDm, is being developed in partnership with Ethena, an algorithmic stablecoin protocol with $13 billion in total value locked (TVL). It will launch on Ethena’s USDtb infrastructure, which channels reserves into BlackRock’s BUIDL — a tokenized US Treasury bill fund with a $2.2 billion market cap and steady yield, according to RWA.xyz. Yield from the stablecoin’s reserves will reportedly be used to offset sequencer fees, the Ethereum gas costs a layer-2 incurs when publishing batches of transactions to the main chain. Read more
Hackers drained 193,000 SOL from SwissBorg’s Solana Earn program after a Kiln API was compromised, affecting 1% of users and 2% of assets. SwissBorg, a Switzerland-based crypto wealth management platform, said hackers exploited a vulnerability in the API of its staking partner Kiln, draining about 193,000 Solana tokens from its Earn program. The SwissBorg app and other Earn products were not impacted by the hack, the company wrote in a post on X. The stolen SOL (SOL) tokens were worth roughly $41 million at time of writing. The breach originated with Kiln, a staking infrastructure provider that powers yield products on blockchains such as Solana and Ethereum. Read more