JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Hinkal privacy protocol exploited for $820,000 as attacker funnels stolen funds through Tornado Cash
An attacker exploited Hinkal, a DeFi privacy protocol, for roughly $820,000 in USDC on July 3, 2026, draining nearly all of the protocol’s total value locked. The stolen funds were converted to ETH ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results