LodeHQSubscribe →

Laser Wallet Hack, $5M Seed Theft, SYSTEM via Defender

Infosec · 2026-07-10

Vulnerabilities & Exploits
Laser Pulse Can Reset Tangem Wallet Passwords, Leaving Cards Unpatchable5 MIN

Ledger’s Donjon team showed a laser pulse can force a Tangem wallet card into recovery mode, letting an attacker set any password and seize the funds. The exploit requires physical access and a costly lab setup, and because Tangem cards can’t receive firmware updates, the flaw is permanent for every card sold.

Symlink Trick Lets Six AI Coding Assistants Write Outside Your Workspace11 MIN

Wiz researchers uncovered GhostApproval, a symlink‑based vulnerability affecting Amazon Q, Anthropic Claude, Augment, Cursor, Google Antigravity and Windsurf. A malicious repo can trick the assistant into editing arbitrary system files while the user sees a harmless path, enabling remote code execution on the developer’s machine. Vendors have fixed three tools, others remain vulnerable.

RoguePlanet gives local attackers SYSTEM access on patched Windows Defender3 MIN

CVE-2026-50656, dubbed "RoguePlanet," lets a low‑privileged user spawn a SYSTEM‑level command shell via a race condition in Microsoft Defender's scanning engine. The flaw works even with real‑time protection on, and no official patch was released as of late June 2026.

Weak Seed Phrase Generator Lets Attackers Bleed $5M from Crypto Wallets3 MIN

Coinspect disclosed the ‘Ill Bloom’ flaw, weak randomness in recovery‑phrase generation, that leaves thousands of software wallets across Bitcoin, Ethereum, Polygon, Tron and others exposed. Since May 27, attackers have siphoned at least $5 million, compromising 431 of the 2,114 vulnerable addresses. Users must generate a fresh wallet with a trusted seed source; hardware wallets remain safe.

Threats & Malware
WP‑Shellstorm Exposed: 1.4 M WordPress Targets and 5,700 Active Webshells9 MIN

An open server left by a Chinese‑linked cybercrime group leaked 800 MB of tools, logs and a target list of over 1.4 million WordPress sites. Analysis shows more than 5,700 live webshell backdoors and weaponization of 27 CVEs, confirming WP‑Shellstorm as a large‑scale access‑brokerage operation. Researchers warn the compromised sites are now at risk of resale and further attacks.

GigaWiper merges disk wiper, fake ransomware, and spyware into a single backdoor19 MIN

Microsoft uncovered GigaWiper, a Golang backdoor that lets attackers pick between a physical disk wiper, a fake ransomware encryptor, and a FlockWiper-derived scrubber. By bundling three legacy tools into one implant, the group gains on‑demand destructive power while keeping a minimal footprint. Defenders must watch for its multi‑stage C2 commands and the distinctive Go binary traits.

Lurking Lizard Uses Fake 7‑Zip Installers to Turn PCs into Rental Proxy Nodes5 MIN

Researchers uncovered that the actor Lurking Lizard distributes trojanized 7‑Zip installers from over 230 look‑alike domains, silently enrolling victims’ computers as residential proxy servers. The illicit proxy network fuels paid services, hijacking home bandwidth and exposing users to legal and privacy risks.

Silver Fox’s MODBEACON hides C2 in gRPC streams, toughening detection2 MIN

China-linked Silver Fox has deployed MODBEACON, a Rust‑based RAT that tunnels encrypted C2 over gRPC streaming, reusing Xray/V2Ray transport code. The design makes network traffic blend with legitimate CDN traffic, complicating detection and giving the group a more resilient ransomware‑as‑a‑service capability.

Privacy, Policy & Governance
Supreme Court ruling could force police to get warrants for license‑plate camera searches4 MIN

The Supreme Court’s Chatrie decision, which now requires a warrant for cell‑phone location searches, may soon apply to automated license‑plate readers (ALPR). Legal experts warn that extending the ruling would force police to obtain warrants before probing billions of captured plates, curbing a key surveillance tool.

Get Infosec in your inbox, every issue.
Subscribe free
Privacy · Terms · About · Contact
© 2026 LodeHQ