Uniswap Labs Unveils New Venture Capital Unit Focused on Web3 Projects

Uniswap Labs, the largest decentralized trading and automated market-making protocol on Ethereum, announced on Monday that it has launched a new venture unit- the Uniswap Labs Ventures, to invest in projects across Web3.  The firm said that Uniswap Labs Ventures would invest in various web3 initiatives, focusing on startups developing consumer-facing apps, developer tools, and blockchain … Read more

NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation

The maintainers of the NGINX web server project have issued mitigations to address security weaknesses in its Lightweight Directory Access Protocol (LDAP) Reference Implementation. “NGINX Open Source and NGINX Plus are not themselves affected, and no corrective action is necessary if you do not use the reference implementation,” Liam Crilly and Timo Stark of F5 … Read more

TravelX, Air Europa Launch World’s 1st Flight Ticket NFTs

TravelX announced on Monday that it has partnered with Air Europa to release the world’s first non-fungible token (NFT) flight ticket collections or “NFTickets.” TravelX claims to be building the travel industry’s first blockchain-based distribution protocol. While Air Europa is the third largest Spanish airline flying to over 60 destinations around the globe. The announcement … Read more

Germany Shuts Down Russian Hydra Darknet Market; Seizes $25 Million in Bitcoin

Germany’s Federal Criminal Police Office, the Bundeskriminalamt (BKA), on Tuesday announced the official takedown of Hydra, the world’s largest illegal dark web marketplace that has cumulatively facilitated over $5 billion in Bitcoin transactions to date. “Bitcoins amounting to currently the equivalent of approximately €23 million were seized, which are attributed to the marketplace,” the BKA … Read more

CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution (RCE) vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on “evidence of active exploitation.” The critical severity flaw, assigned the identifier CVE-2022-22965 (CVSS score: 9.8) and dubbed “Spring4Shell”, impacts Spring model–view–controller (MVC) and Spring … Read more

U.S. Treasury Department Sanctions Russia-based Hydra Darknet Marketplace

The U.S. Treasury Department on Tuesday sanctioned Hydra, the same day German law enforcement authorities disrupted the world’s largest and longest-running dark web marketplace following a coordinated operation in partnership with U.S. officials. The sanctions are part of an “international effort to disrupt proliferation of malicious cybercrime services, dangerous drugs, and other illegal offerings available … Read more

Block Admits Data Breach Involving Cash App Data Accessed by Former Employee

Block, the company formerly known as Square, has disclosed a data breach that involved a former employee downloading unspecified reports pertaining to its Cash App Investing that contained information about its U.S. customers. “While this employee had regular access to these reports as part of their past job responsibilities, in this instance these reports were … Read more

FIN7 Hackers Leveraging Password Reuse and Software Supply Chain Attacks

The notorious cybercrime group known as FIN7 has diversified its initial access vectors to incorporate software supply chain compromise and the use of stolen credentials, new research has revealed. “Data theft extortion or ransomware deployment following FIN7-attributed activity at multiple organizations, as well as technical overlaps, suggests that FIN7 actors have been associated with various … Read more