bug-bounty548
xss382
exploit266
google216
rce188
facebook164
microsoft142
writeup135
web3123
cve104
open-source91
csrf89
malware84
apple80
account-takeover79
browser75
sqli69
ai-agents63
ssrf58
cloudflare54
dos50
tool46
privilege-escalation45
privacy44
phishing44
pentest43
oauth43
aws41
lfi41
ctf41
idor38
supply-chain38
llm37
cloud35
opinion35
auth-bypass35
node34
react34
cors33
automation33
reverse-engineering32
machine-learning32
clickjacking31
infrastructure31
code-generation31
race-condition29
access-control27
subdomain-takeover26
info-disclosure25
wordpress25
0
3/10
Trezor's server infrastructure was compromised by ransomware on March 10, 2026, leading to distribution of malicious firmware to approximately 74,000 devices and unauthorized transactions affecting 3,800 users. Emergency Security Patch 2.6.4 was released to remove malware and restore device security, with the company establishing a compensation program for affected users.
ransomware
supply-chain-attack
firmware-compromise
hardware-wallet
server-compromise
cryptocurrency
unauthorized-access
malware-distribution
trezor
Trezor
Trezor Suite
Security Patch 2.6.4
Billy Campbell