Slowmist CISO: DarkSword Attack Tool Leaked, iOS Users Advised to Update System Immediately

Gate News Alert: On March 25, 23pds, Chief Information Security Officer at SlowMist Technology, posted a reminder on social media on the 23rd warning that the DarkSword attack tool has been leaked, and all iOS users should update their systems immediately. According to the report, the core capability of this attack tool is to extract forensic-level data from iOS devices through HTTP interfaces. In actual attacks, threat actors can combine social engineering or watering hole attacks to trick users into infection, thereby stealing data from iPhones and iPads and uploading it to servers controlled by the attackers.

Slow Mist Alert: LiteLLM Attacked on PyPI, Crypto Wallets and API Keys Leaked

LiteLLM suffered a PyPI supply chain attack, with compromised versions 1.82.7 and 1.82.8 injected with multilayered malicious code that steals sensitive information such as SSH keys and cloud credentials. Attackers were able to do this without directly compromising upstream services. Affected organizations should immediately rotate credentials and audit systems to prevent further damage.

SIREN surged 30.89% in 24 hours, now trading at $1.69

As of March 25, SIREN coin price surged 30.89% to $1.69, with a market cap of approximately $1.228 billion. The project combines AI and blockchain; however, it faces severe supply concentration risks, with controlling parties holding 88.5% of tokens, significantly increasing market volatility risks.

ZachXBT: Russian OTC Broker Assisted Ransomware Money Laundering Over $4.7 Million, Fund Flows Span BTC to Avalanche

ZachXBT disclosed on X platform that Russian over-the-counter broker Khinkis is suspected of assisting ransomware money laundering of over $4.7 million since July 2025, involving the transfer of 796 Bitcoin, with funds being withdrawn in batches through multiple channels. The investigation shows the entity was active in Southeast Asia and Australia, with personal information repeatedly leaked, increasing enforcement difficulties.

Slowmist CISO: LiteLLM Suffers PyPI Supply Chain Attack, Sensitive Information Including Crypto Wallets and Cloud Credentials at Risk of Leakage

LiteLLM Python AI gateway library suffered a PyPI supply chain attack. Attackers can steal sensitive user information through the pip install litellm command, including SSH keys, cloud service credentials, Kubernetes configurations, and Git credentials.

Besides Resolv being hacked, this type of DeFi vulnerability has occurred four times before.

On a quiet Sunday morning, someone turned $100,000 into $25 million in approximately 17 minutes. The target was the yield-bearing stablecoin protocol Resolv. Before Resolv paused its contracts, its dollar-pegged stablecoin USR had fallen to just a few cents. As of this writing, USR remains severely depegged, trading at around $0.25 and experiencing a decline of over 70% this week. The shockwaves extended far beyond Resolv.