6-23
Golpe de laptop barata faz comprador em Hong Kong perder HK$1,23 milhão (cerca de US$156 mil)
Um comprador em Hong Kong perdeu HK$1,23 milhão (cerca de US$156 mil) após fazer 80 transferências para um fraudador que se passava por vendedor de laptop ao longo de 30 dias. Parte dos pagamentos foi feita em caixas eletrônicos de Bitcoin, o que dificulta a recuperação do dinheiro por se tratar de transações essencialmente irreversíveis. A polícia atribuiu o caso à chamada “falácia do custo afundado”, em que cada nova taxa parecia ser o último passo para recuperar o valor já pago.
BTC
BTC+3.76%
6-23
6-9
OpenAI plans major ChatGPT redesign into a superapp ahead of IPO option
OpenAI is preparing its largest ChatGPT revamp since 2022, aiming to turn the chatbot into a superapp that bundles coding tools, AI agents, and third-party integrations. The rollout is expected to surface on the web and mobile apps in the coming weeks as the company looks to convert a nearly 1 billion mostly free weekly user base into paid usage, helped by Codex’s more than 5 million weekly active users.
BTC
BTC+3.76%
6-9
6-9
Reaper macOS infostealer abuses Script Editor to target Ledger, Trezor, Exodus
Reaper, a macOS infostealer, is spreading via fake download pages impersonating apps such as WeChat and Miro, then using Script Editor to execute hidden AppleScript. It targets desktop wallet software including Ledger Live, Trezor Suite, and Exodus, while also stealing browser passwords and sensitive files. Victims are prompted by a fake Apple security update dialog to enter their Mac password before data theft begins.
6-9
6-6
Arweave-linked WeaveDB npm packages trojanized to drop IronWorm malware
A Rust-based infostealer dubbed IronWorm was embedded in 36 npm packages connected to the Arweave/WeaveDB ecosystem, targeting developer credentials, SSH keys, and Exodus wallet files. The malware ran via a preinstall hook during npm install, searched 86 environment variables and 20 credential files, and used stolen GitHub tokens to spread through malicious commits. Security researchers advised anyone who installed the affected packages to rotate exposed secrets and harden npm/GitHub accounts.
AR
AR+2.85%
6-6