Hong Kong SFC Orders Crypto Platforms to Phase Out OTP Logins
The 12-month deadline lands as spoofing attacks climb at Hong Kong-licensed platforms; the move redefines the authentication baseline every retail-facing venue must meet.
Every Zipp story tagged #Cybersecurity, newest first.
The 12-month deadline lands as spoofing attacks climb at Hong Kong-licensed platforms; the move redefines the authentication baseline every retail-facing venue must meet.
The injected code sat on the site frontend rather than in Polymarket's core contracts, but the read for prediction markets is harder: vendor risk now sits inside the user-trust boundary, not outside…
The new Open Protocol Security Coalition lands while a market-structure bill is still in conference, giving DeFi a single lobbying voice on operational security, bug disclosures, and threat-intel…
Stratum V1 job templates are readable in cleartext on many GEO downlinks, turning every mining pool that pipes work over satellite into a passive target.
Crypto's biggest hacks are no longer coming from smart-contract bugs — they're coming from operational and human…
Ronghui Gu warns the industry is building up catastrophic security debt by granting autonomous agents access to credentials and wallets without isolating the execution environment — and a new class…
Socket's TrapDoor disclosure named 34+ malicious packages across npm, PyPI and Crates.io targeting developer machines, CI/CD credentials and AI coding files — the control plane a smart-contract audit…
The danger is no longer a hypothetical "someday" — AI is compressing quantum timelines while also weaponising code auditing, forcing blockchain networks to treat post-quantum migration as a…
The order carves a voluntary, pre-release disclosure window for frontier model developers — short of the binding mandate some in industry had braced for, and a tell on where the White House wants AI…
Casa co-founder Jameson Lopp has issued a warning about a phishing technique that exploits legitimate Google recovery…
Anthropic's Mythos AI system has reportedly identified vulnerabilities in macOS capable of bypassing Apple's built-in…
TRM's 2025 data shows $2.2B of $2.87B in stolen crypto came from infrastructure, not code — audits cover the wrong layer, and AI-assisted continuous defense is the only credible answer.
Mozilla compressed 14 months of security work into one month with model-assisted discovery — the bug bounty, dating to 2006, is the cleanest evidence yet that frontier AI is reshaping the…
April's Drift and Kelp breaches cost more than half a billion dollars combined, with no smart-contract bug — just months of social engineering that walked past every system built to flag a hack.
Admiral Paparo, who runs US Indo-Pacific Command, told a Senate panel Bitcoin's proof-of-work design carries real cybersecurity value — the highest-ranking uniformed endorsement of the network to…