The Ill Bloom vulnerability created weak seed phrases, letting attackers drain 431 crypto wallets for $3.1 million.
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.