Coinbase revealed that its employees were targeted by sophisticated hack attacks leveraging two Firefox 0-day vulnerabilities, spear phishing, and social engineering.
The attacks started on June 17, where Coinbase’s employees received emails from Gregory Harris, a Research Grants Administrator at the University of Cambridge contained a web link that, when opened in Firefox, would install malware capable of taking over someone’s machine. The attacks were detected and blocked by Coinbase’s security team.
The attackers seems to be highly skilled and experienced in writing exploit codes as they used unpublished Firefox 0-days, they hacked two Cambridge university email accounts, created created a landing page with exploit code at the University of Cambridge official domain and they could bypass Coinbase spam filters.
Coinbase team reached out to Cambridge University to assist in securing their infrastructure and to collect more information about the attacker’s behavior.
Coinbase is a cryptocurrency exchange headquartered in San Francisco, California. Coinbase is considered to be the largest cryptocurrency exchange in USA.
On August 8, 2025, Trezor sent out an email to customers. The company said there’s… Read More
On July 16, 2025, crypto exchange BigONE confirmed that it was hacked. The attacker stole… Read More
Researchers uncovered coordinated campaign of over 40 malicious Firefox extensions. These add‑ons mimic trusted… Read More
Paris, France – French police arrested several suspects this week tied to disturbing May… Read More
PayPal just announced big plans for its stablecoin. The company wants to bring PayPal USD… Read More
Binance, the world's largest cryptocurrency exchange has announced its plans to delist and pause trading… Read More