$290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms: ThreatsDay
The latest ThreatsDay bulletin from hackmyip.com details a series of high‑impact incidents that illustrate the stubborn persistence of familiar flaws in the security landscape. Topping the list is a $290 million decentralized finance (DeFi) exploit that drained funds from a prominent platform after attackers leveraged a known, yet unpatched, smart‑contract vulnerability. The breach underscores the rapid growth of DeFi ecosystems and the urgency for developers to adopt rigorous code audits, formal verification, and timely patching to prevent such massive financial losses.
On the macOS front, a series of “living‑off‑the‑land” (LotL) attacks was observed in which threat actors abused legitimate system utilities to execute malicious payloads without deploying traditional malware. By masquerading as benign scripts or leveraging built‑in scripting environments, the campaign avoided detection by many conventional endpoint solutions, highlighting the need for behavioral analytics and tighter controls over privileged system tools.
The bulletin also flags the emergence of ProxySmart’s SIM‑farm operations, which automate large‑scale SIM swapping and SMS‑based two‑factor authentication bypass. These farms enable attackers to hijack mobile accounts en masse, facilitating financial fraud and unauthorized access to corporate VPN services. The activity demonstrates how the telecommunications supply chain remains a fertile attack vector, especially when carriers offer weak verification processes.
In total, ThreatsDay aggregates 25 additional stories, ranging from new ransomware families and phishing kits to critical zero‑day disclosures and supply‑chain compromises. The recurring theme across these reports is all too familiar: the same programming errors, unpatched dependencies, and a fragmented security posture continue to give adversaries low‑cost entry points. Security teams are urged to prioritize patch management, enforce multi‑factor authentication, and adopt a zero‑trust architecture to mitigate the risk posed by this evolving threat landscape.