Flaw Could Have Allowed Bitcoin Theft Using Poisoned NFT Art

Visible admits to credential-stuffing attacks, A bank manager was duped with 'Deep Voice' technology into $35 million in fraudulent transfers, Acer suffers a second breach in India, much more

Check out my latest column in CSO that recaps a theme running through last week’s VB2021 conference, how shape-shifting threat actors complicate attack attribution.

Researchers at CheckPoint discovered that an attacker could leave NFT marketplace OpenSea account owners with an empty cryptocurrency balance by luring them to click on malicious NFT art.

The simple attack method involved creating an NFT with a malicious payload and waiting for a victim to take the bait and view it. Check Point researchers informed OpenSea of their findings on September 26. After collaborating with CheckPoint, OpenSea came up with a solution in less than an hour from the responsible disclosure. (Ionut Ilascu / Bleeping Computer)

Related: ZDNet Security, The Verge, Security News | Tech Times, ZDNet Security, Spyware news, VentureBeat, CyberNews, Engadget, The Hacker News, Check Point, Threatpost

In a threat analysis report, Apple said that its iOS devices are locked into the App Store for security reasons becau…