ALL POSTS

Key Findings Drift Protocol, a Solana-based decentralized exchange, lost approximately $285 million on April 1, 2026 in a sophisticated social engineering attack Attackers exploited durable nonce mechanisms to obtain unauthorized multisig approvals and gain control of the Security Council administrative powers The attack involved multi-week preparation starting as early as March 23, 2026, with staged execution and pre-signed transactions Threat actors created a fictitious ass

Key Findings North Korean IT operatives are applying to remote positions using real LinkedIn accounts of individuals they are impersonating The goal is to secure jobs at Western companies and conduct espionage, data theft, and ransomware attacks The threat is tracked by the cybersecurity community as Jasper Sleet, PurpleDelta, and Wagemole The impersonated LinkedIn profiles often have verified workplace emails and identity badges to appear legitimate Once employed, the DPRK w