The crypto industry has received notable security alerts in the last 24 hours. First, Ledger CTO Charles Guillemet shared about a major security update for Chrome web browser, which addresses 26 distinct vulnerabilities (4 critical and 22 high) that could allow unauthenticated attackers to execute malicious code remotely.
These vulnerabilities primarily consist of classic memory management errors such as use-after-free conditions, heap buffer overflows and out-of-bounds access. Hence, an attacker can lure a victim to a maliciously crafted webpage, write payloads directly into system memory and achieve remote code execution.
This critical patch cycle is designed to remediate multiple severe memory corruption flaws that pose significant risks to individual users and enterprise networks alike.
This, according to Guillemet, highlights the importance of staying vigilant. “A good reminder that you can’t trust your browser/computer for your valuable secrets,” Guillemet added.
In a separate alert, major crypto exchange Binance warns users of an iOS risk. In a tweet, Binance issued an iOS security alert, necessitating an immediate system update for iOS users.
IOS security alert issued
According to Binance, Apple is urging iPhone/iPad users to update iOS as a matter of urgency, as a critical iOS exploit chain known as “DarkSword” was affecting iOS 18.4 to 18.7. This issue is not related to any exchange or wallet application, but rather a system-level vulnerability in iOS.
Attackers may exploit this vulnerability when users visit compromised (but seemingly legitimate) websites. The exploit can also be triggered automatically without any user interaction, allowing attackers to extract sensitive data, including crypto wallet information. The malware may also erase its traces after execution, making detection extremely difficult.
Devices utilizing iOS 18.4-18.7 may be at risk, requiring immediate action. In this light, users are urged to immediately update their iPhone/iPad to the latest iOS version in order to remain safe.
