Security Incidents

According to Bits.media, Telegram usernames and premium numbers sold for record-high prices in TON tokens on May 13, with @danbao fetching 1.58 million TON (approximately $2.1 million) from an anonymous buyer last weekend, marking the platform's highest transaction. Other premium numbers

According to ChainCatcher, Aave and Kelp have completed the first phase of their rsETH recovery plan, destroying attacker-held rsETH on Arbitrum. Over the coming days, the parties will gradually replenish funds to LayerZero's OFT adapter and phase in the restart of rsETH operations, with 117,132 rsE

According to Bitcoin developer Jameson Lopp, roughly 200,000 unreachable node addresses have been flooding Bitcoin's peer-to-peer network since April 9, 2026, raising concerns about a potential Sybil-style attack. The anomaly caused ADDR messages—the protocol nodes use to share peer addresses—to

The U.S. Department of Justice on May 12 filed federal charges against three Tennessee men: Elijah Armstrong, Nino Chindavanh, and Jayden Rucker. The three allegedly crossed state lines into California from November to December 2025, disguised themselves as delivery workers to break into the homes of cryptocurrency holders, then after restricting the victims’ movements with firearms, zip ties, and tape, forced them to transfer crypto assets, with the single largest amount reaching $6.5 million.I

According to Slow Mist, decentralized shipping project Aurellion suffered an attack today (May 12), with attackers gaining control of the Diamond contract and draining 455,003 USDC from multiple authorized victim

According to blockchain security firm SlowMist, its threat monitoring system MistEye detected a sophisticated npm worm named 'Mini Shai-Hulud' spreading through developer projects including TanStack, UiPath, and DraftLab. The malware uses compromised GitHub credentials to publish packages

According to ChainCatcher, Goliath Ventures ex-CEO Christopher Delgado recently apologized to investors after being charged by U.S. prosecutors with operating a $328 million cryptocurrency Ponzi scheme. Delgado stated he betrayed investor trust and voluntarily returned to face fraud and money

According to GoPlus, two private key leaks occurred in the past 36 hours, resulting in combined losses of $238,000. The address 0xUnihax0r lost $200,000 and had previously uploaded trading bots and Telegram access. The second compromised address is linked to a larger private key exposure event

According to BeInCrypto, on May 11, Keith Gill’s verified X account “Roaring Kitty” has 1.6 million followers, woke up after 16 months of silence, and posted a Solana Pump.fun contract address and a short video. Because the post style was vastly different from Gill’s usual market commentary, there were widespread suspicions that the account had been compromised. Roaring Kitty’s X account returns: post details According to reports, posts on the Roaring Kitty X account pointed to a Solana meme coi

According to ChainCatcher, on March 22, Resolv's signing infrastructure was compromised, leading to the malicious issuance of approximately 80 million dollars in unsecured USR tokens. Fluid faced a 21 million dollar loss from its 100 million dollar exposure. The loss distribution was finalized as f

According to a report by Step Security on May 11, the threat group TeamPCP launched a new round of supply-chain worm attacks named “Mini Shai-Hulud,” compromising 84 versions of TanStack npm packages and implanting malicious code, targeting the theft of CI/CD environment credentials. Socket Security marked all malicious versions within six minutes of the release. Attack Method and Propagation Mechanism （Source: Socket Security） According to Step Security’s analysis, the attack used a three-stage

According to Stream Finance's official statement on X, the trading protocol is seeking methods to maximize asset value for customers and creditors, with the goal of consolidating, liquidating, and distributing assets swiftly and prudently. The team is considering several strategic alternatives

According to BlockBeats, Roaring Kitty's X account was compromised early on May 12, posting a contract for Meme coin Red Kitten Crew (RKC). The token surged to $12 million in market capitalization before collapsing to $1.8 million. Roaring Kitty subsequently regained control of the account and

Binance claims its AI security systems collectively helped save millions of users $10.53 billion in potential losses from scams between Q1 2025 and Q2 2025, according to a blog post published Monday. The world's largest crypto exchange has rolled out approximately two dozen AI-powered security

According to India's Ministry of Home Affairs, the national cybercrime body issued a formal advisory on April 20 naming three counterfeit "Verify Crypto Assets on BNB Chain" sites targeting Trust Wallet users. A new drainer domain, buepux.com, joined the list on May 3 and is already blocked by

Cryptocurrency security company SlowMist has issued a security alert warning of a high-risk phishing attack targeting TRON (TRX) wallet users, according to a press release from the company. Attackers created a malicious Chrome extension that mimics the official TronLink wallet, using sophisticated s

According to Foresight News, Huma Finance's legacy v1 contract deployed on Polygon was exploited by attackers today, resulting in a loss of 101,400 USDC. The protocol stated that user funds remain unaffected and its PST token is unimpacted. The v2 system on Solana, a complete rebuild, is not

According to Odaily, trader A (@missoralways) reported that two of their wallets connected to Sigma were drained recently, marking the second wallet compromise within six months. The trader stated they had previously stored seven-figure assets in Sigma without security issues, but both drains