Armed Intruders Demand Crypto Access in Fake Food Delivery Home Invasion Case

Uber's strategic acquisition efforts could significantly reshape the global food delivery landscape, intensifying market competition and consolidation. The post Uber seeks takeover of Delivery Hero’s regional businesses as $11.6B deal takes shape appeared first on Crypto Briefing.

The ability for attackers to leverage automatic install script execution in npm will finally come to an end when expected changes arrive from GitHub in July. Coders will still be able to enable the function, but the default setting will block it.  In V12, default settings are changing, GitHub said in its changelog, noting, “it turns an npm install behavior that runs automatically today into one you explicitly opt into.”  Specifically, the post said, “allowScripts defaults to off: npm install will no longer execute preinstall, install or postinstall scripts from dependencies unless they are explicitly allowed in your project. This includes native node-gyp builds; a package with a binding.gyp and no explicit install script still gets blocked, because npm runs an implicit node-gyp rebuild for it. Prepare scripts from git, file, and link dependencies are blocked the same way.” Analysts, consultants, and users generally applauded the change, but said that it would only narrow the exposure t

Humanity Protocol has revealed that a compromised employee laptop enabled attackers to obtain control of bridge administration systems across Ethereum and BNB Smart Chain, resulting in the theft and minting of more than $36 million worth of H tokens. According…

Humanity Protocol, a biometric blockchain identity project that had been one of crypto’s top-performing tokens of 2026, suffered a catastrophic security incident on June 9 in which attackers drained approximately $32 million from more than 17 wallets — sending the H token crashing 90% within hours — before on-chain investigator ZachXBT publicly questioned whether the […]

The breach highlights the critical need for robust security measures in crypto projects to prevent massive financial losses and trust erosion. The post Humanity Protocol’s H token crashes nearly 90% after attackers steal private keys and drain $32 million appeared first on Crypto Briefing.

A bug in Gnosis Pay’s delay module allowed attackers to drain user funds. Gnosis co-founder confirms full reimbursements are coming. A security flaw hit Gnosis Pay, and users felt it fast.  The bug targeted the platform’s Zodiac delay module, a feature built to protect transactions with a three-minute cooldown. Instead of blocking attacks, the module […] The post Gnosis Pay Bug Drains User Funds Despite Built-In Security Delay appeared first on Live Bitcoin News.

Taking down a sprawling malware operation once signaled progress in securing the open-source ecosystem. Now, it barely registers. The GlassWorm campaign disruption comes at a moment when attackers can quickly reconstitute, and defenders are increasingly grappling with a new challenge: distinguishing real threats from automated noise. “I think coordinated actions, like GlassWorm, can sever control, significantly increase attacker costs, buy time for remediation, and signal the possibility of a fightback,” said Agnidipta Sarkar, chief evangelist at ColorTokens. “But most takedowns are temporary actions in a long fight.” The CrowdStrike-led takedown, conducted alongside Google and the Shadowserver Foundation, disrupted infrastructure linked to the campaign that had poisoned hundreds of repositories with malicious packages targeting developers. A day after the takedown, in an independent development, the OSV database withdrew 157 malware reports after maintainers determined the submissions

Crypto users have continued losing funds to phishing campaigns promoted through Google Ads, with attackers now using fake Uniswap websites to steal hundreds of thousands of dollars from unsuspecting wallet holders. According to on-chain analyst “b-block,” a malicious website impersonating…