Security Incidents

SecondFi, formerly associated with the Yoroi wallet brand, suspended services after a critical flaw in its proprietary web-based wallet generation software reportedly exposed private keys and led to a major ADA theft. Initial reports placed losses around 16 million ADA, or roughly $2.4 million,

According to Blockonomi, SecondFi recently suspended services following a critical flaw in its web-based wallet key-generation software that exposed private keys and led to ADA theft. Initial reports cited 16 million ADA, or roughly $2.4 million, stolen across 374 wallets. Security firm SlowMist

According to Bitdefender, Poland's Central Bureau for Combating Cybercrime announced on June 27 that police arrested four individuals suspected of operating a large criminal network. The gang hijacked phone numbers, breached cryptocurrency exchange accounts, and conducted SIM-swap attacks to steal f

Polymarket confirmed hackers stole approximately $3 million from more than 11 users through a compromised third-party vendor in June. The attack involved malicious frontend code that phished users into approving fraudulent transactions, according to blockchain security firm Peckshield. The company s

According to Peckshield, hackers drained approximately $3 million from more than 11 Polymarket users in June through a compromised third-party vendor. The attackers injected malicious frontend code that prompted users to approve fraudulent transactions, emptying their connected wallets. Polymarket c

According to Base's status page, the blockchain experienced a second block production halt on Friday (June 26), less than 24 hours after a similar chain halt on Thursday. The Friday outage was brief, with block production halted at 15:33 UTC and resuming by 16:11 UTC. Node operators were required to

According to ChainCatcher, Cardano wallet service SecondFi has completed the final balance snapshot of affected users' assets following a theft incident. The engineering and security teams are advancing asset recovery plans, with returns expected to begin within approximately two weeks: one week to

Polymarket confirmed a phishing attack on Thursday that drained $2.94 million from at least 11 user wallets after a third-party vendor was compromised. A malicious script was injected into the platform's frontend, and blockchain analyst Specter identified the attack as a targeted phishing campaign r

According to Base's official status updates, a consensus issue on June 25 caused an invalid block at height 47,806,542, halting mainnet block production until recovery began at 17:51 UTC. Block production became unhealthy at 16:03 UTC, disrupting deposits, withdrawals and client software across

The U.S. Department of Justice announced the seizure of cloud computing accounts used by Cambodian subsidiaries of Huione Group, which allegedly hosted backend infrastructure supporting large-scale cryptocurrency money laundering operations. According to DOJ statements, Huione Guarantee operated

According to Polymarket, the platform suffered a $2.9M theft on June 26 after attackers injected a malicious script into its frontend. Polymarket contained the compromise and removed the affected dependency. The platform said users will be

Hundreds of thousands of OneCoin fraud victims face a June 30, 2026 deadline to file compensation claims through the Department of Justice's remission program. The FBI is urging eligible victims — anyone who purchased OneCoin between 2014 and 2019 and suffered net financial losses — to submit

According to GoPlus Security, attackers are increasingly using artificial intelligence to identify and exploit vulnerabilities in legacy smart contracts deployed years ago. Recent incidents include a June 9 attack on the 7-year-old Token of Power (TOP) contract on Ethereum resulting in

Polymarket confirmed Thursday that a compromised third-party vendor allowed attackers to inject malicious code into the prediction market's front-end, draining roughly $3 million in user funds. The attack did not target Polymarket's smart contracts but instead served a malicious script through the c

According to Polymarket and on-chain investigators at Bubblemaps, a compromised third-party vendor allowed attackers to inject malicious code into Polymarket's front-end on Thursday (June 25), draining roughly $3 million in user funds. The attackers accessed users' wallets through a malicious

MemeCore's M token plunged over 73% on June 25 without any official bearish news. On-chain detective ZachXBT alleged in April that its trading volume and popularity were suspiciously fabricated, questioning the authenticity of the token's trading volume and accusing insiders of manipulating the price. ZachXBT's allegations have not yet been verified by third-party independent institutions, and MemeCore has not issued any statement regarding this crash. \$M Token Crash Data and Trading Volume Str

Business Insider exclusively revealed on June 22 that Worldcoin operator Tools for Humanity (TFH) is involved in a three-pronged scandal: bribery in Thailand, WLD manipulation, and financial misconduct, potentially crossing the SEC's red line on market manipulation. WLD was reported at approximately $0.61 on June 26, down about 95% from its 2024 all-time high. Origin of the Dual Secret Investigations: Thailand FCPA Concerns and Links to Mauerberger's Pig Butchering Scams According to Business In