"There's entrapment everywhere, both on and off the chain." -- A timid person.

🚨SlowMist TI Alert🚨 A large-scale NPM supply chain attack is underway... 📩A reputable developer's NPM account was targeted by a fake "NPM 2FA Update" email phishing attack, allowing the attacker to inject an obfuscated index.js into a popular package (downloaded over 1 billion times). The attack payload hijacked browser wallets (such as 🦊MetaMask) and intercepted network requests (fetch and XMLHttpRequest), silently exchanging cryptocurrency addresses (#ETH/#BTC/#SOL/#TRX) to the attacker's wallet (0xFc4a4858bafef54D1b1d7697bfb5c52F4c166976). 🔒 Immediate Action: 👨‍💻 Developers/Wallets/DeFi → Audit dependencies, rotate credentials, and remove compromised packages. 🔑 Users → Prefer using hardware wallets and verifying every transaction. ⛔ Software wallet users → Avoid on-chain transactions until safe. Stay vigilant! ⚠️ #Security #SupplyChainAttack

🚨 NPM Supply Chain Attack 🚨 Popular developer qix fell victim to a phishing attack. Malicious code was injected into an npm package and hijacked cryptocurrency transactions during signing. Attack Methods: • Hooking wallet functions (request/send) • Swapping recipient addresses in ETH/SOL transactions • Replacing addresses in network responses Affected versions: chalk, strip-ansi, color-convert, etc. Safety Tips: ✓ Verify recipient/amount on the wallet screen ✓ Check if address changes after pasting ✓ Review recent transactions ✓ Use a hardware wallet for high-value transactions Details: https://t.co/ssV9aUpQUU

Lavamoat. It's practically built for supply chain attacks. It prevents malicious code from monkey-patching global variables ( `xmlhttprequest`, `fetch`, `window.ethereum`) at runtime. It's free. Tell your favorite dapp developer about it.

Inside Kim Soo-hyun's Leaks: How the "Kim" Leaks Exposed North Korea's Credential Theft Tactics

RT @realScamSniffer: 🚨 ScamSniffer August 2025 Phishing Report August losses: $12.17 million | 15,230 victims Compared to July: Losses increased by 72% | Transaction volume increased by 67%...

Deepfake Phishing Attacks

🔥North Korea's Lazarus Group just launched an audacious new hack, impersonating colleagues on Telegram, setting up a fake Calendly website, and cycling through three custom RATs to compromise the systems of DeFi workers.

RT @SlowMist_Team: 🚨SlowMist TI Alert🚨 Rumors are circulating that @VenusProtocol contains a vulnerability. Our ongoing joint analysis suggests this may not be the case...

1. Ethereum's on-chain DEX trading volume exceeded $140.1 billion in August. 🍠This marked a record-breaking monthly increase, with the number of active addresses reaching 16.77 million, also an all-time high. Ethereum's TVL now stands at $92.58 billion. 2. Anoma partnered with OKX Wallet to launch a limited-time whitelist draw for Shrimpers NFTs. 🥔 Participants must connect to OKX Wallet, hold a certain amount of BASE_ETH, and complete designated tasks on social media platforms to participate in the whitelist draw. 3. The APE token will be expanded to the Solana chain and integrated with DeFi. 🥐ApeCoin announced the launch of its R.A.I.D. strategy, transforming its token from a governance token to a cultural token, with the goal of driving the development of the ApeCoin ecosystem. 4. XPL lost $0.88. 🥕The XPL coin price rose over 20% in 24 hours to $0.8670, reaching a new high and attracting investor attention. 5. The total market value of RWAs has reached $28 billion. 🥒With a year-on-year growth of 133%, RWA tokenization has become one of the fastest-growing sectors in the crypto space, attracting the attention of institutional investors. Stablecoins are expected to reach a market value of $2 trillion by 2030. 📝Information provided👇 🤖OwlxAI #TongjunCoinDailyQuickRead #CryptoMarketPullback #MichaelSaylorhintsIncreasingBTCHolds #BinanceHODLerAirdropMITO #InfluxofCapitalDrivesSOLRally