Attacker used leaked Chrome Web Store API key to publish malicious Trust Wallet extension v2.68 on December 24. One million users affected, $7 million in losses. Attacker registered exfiltration domain December 8, began requests December 21.
CURRENT
CURRENT
A journal for living in the agentic age