Crypto Security Briefing

29 incidents

$19.3M reported losses

49 live sources

Executive summary

Last 72 hours saw ~$37.7M in confirmed blockchain losses across multiple vector types. The most material incidents were a $7.5M MEV bot private-key compromise and a $4.7M bridge exploit on Axelar/Secret Network, alongside a $1.1M PancakeSwap pool exploit. Dominant attack vectors were smart-contract bugs, private-key compromises, and social engineering, with bridge exploits continuing as a high-impact threat.

Social engineering and supply-chain malware attacks are increasing
Private-key compromises remain a top vector for high-value losses
Bridge and smart-contract exploits continue targeting cross-chain routes
Passkey adoption introduces new but unproven security assumptions

Attack vectors

smart-contract bug · 5social engineering · 5private-key compromise · 3bridge exploit · 2supply-chain attack · 2phishing / wallet drainer · 1

Incidents & reports

#PeckShieldAlert Specter has reported that #MEV bot #JaredFromSubway appears to have been drained of ~$7.5M in crypto, including 1,474.58 $WETH, 2.87M $USDC, & 2M $USDT. The attacker swapped the stolen funds for 4.4K ETH and has already deposited 1K ETH into #TornadoCash https://t.co/qY6IVDdnGJ [Loss ~$7,500,000]
@PeckShieldAlert: #PeckShieldAlert Specter has reported that #MEV bot #JaredFromSubway appears to have been drained of ~$7.5M in crypto,…

~$7.5M · @PeckShieldAlert · private-key compromise, phishing / wallet drainer · Sat, 20 Jun 2026 22:13:48 GMT
indeed, no one else does it like Main Street https://t.co/kMWamDladg
@spreekaway: indeed, no one else does it like Main Street https://t.co/kMWamDladg

@spreekaway · Sat, 20 Jun 2026 19:56:39 GMT
#PeckShieldAlert ethereum:0x890a5122aa1da30fec4286de7904ff808f0bd74a has plummeted 70%. AlphaUSDC Delta V2 (Curator: #AlphaPING) holds a 30% exposure ($18M) to the msY/USDC market. The #Morpho msY/USDC market is 100% utilized. https://t.co/A2THMamJ9v https://t.co/4T4NbnnrgH [Loss ~$18,000,000; Protocols: Morpho]
@PeckShieldAlert: #PeckShieldAlert ethereum:0x890a5122aa1da30fec4286de7904ff808f0bd74a has plummeted 70%.

~$18.0M · @PeckShieldAlert · Sat, 20 Jun 2026 18:12:17 GMT
🚨GoPlus Security Alert: On June 19, @mySwapxyz (Starknet) was exploited. The attacker deployed a fake "EVIL" token contract (0x028c9a) and exploited a vulnerability in a project contract (0x01114c), draining approximately $305,000 from mySwap CL liquidity pools, including https://t.co/8sVDg98bmh https://t.co/yDms1GkODh [Loss ~$305,000; Protocols: Starknet]
@GoPlusSecurity: 🚨GoPlus Security Alert:

~$4.7M · @GoPlusSecurity · smart-contract bug · Sat, 20 Jun 2026 14:13:00 GMT
#PeckShieldAlert An OLPC/LABUBU pool on PancakeSwap on #BNBChain has been exploited, resulting in a loss of ~$1.1M. The exploiter bridged the stolen funds to #Ethereum, deposited 633.4 $ETH into #TornadoCash, and sent 0.0221 $BNB and 0.0411 $ETH to a dead address. https://t.co/lCDWwThsjH [Loss ~$1,100,000; Protocols: PancakeSwap]
@PeckShieldAlert: #PeckShieldAlert An OLPC/LABUBU pool on PancakeSwap on #BNBChain has been exploited, resulting in a loss of ~$1.1M.

~$1.1M · @PeckShieldAlert · smart-contract bug · Sat, 20 Jun 2026 12:46:05 GMT
Michael Saylor fires back as STRC crash sparks fraud claims
Strategy co-founder Michael Saylor has defended the company’s Bitcoin-backed capital strategy after its STRC preferred stock fell well below its $100 par value and triggered fresh criticism from market participants. According to a June 20 X post by Saylor, Strategy’s…

crypto.news · Sat, 20 Jun 2026 12:15:03 GMT
dude, so many people obsessing over fucking tx speed & scale are the same people who deposit into a cex, wait 30 mins for confirmations, and then wait another day or two to get money into their bank account. if fully shielded txs took 1-2 mins to be included, most users would
@pcaversaccio: dude, so many people obsessing over fucking tx speed & scale are the same people who deposit into a cex, wait 30 mi…

pcaversaccio · Sat, 20 Jun 2026 11:48:05 GMT
CZ proposes freezing Satoshi Bitcoin stash to stop quantum theft
Binance founder Changpeng Zhao has proposed freezing up to 1 million Bitcoin linked to Satoshi Nakamoto if those coins remain unmoved after a future transition to quantum-resistant cryptography. Speaking during a June 18 appearance on the Galaxy Brains podcast hosted…

crypto.news · Sat, 20 Jun 2026 09:30:02 GMT
Garcia brothers admit $8M crypto heist after family kidnapping
~$8.0M · Two Texas brothers have pleaded guilty to federal robbery charges after prosecutors said they kidnapped a Minnesota family and forced the transfer of more than $8 million in cryptocurrency. According to the U.S. Attorney’s Office for the District of Minnesota,…

crypto.news · social engineering · Sat, 20 Jun 2026 07:04:40 GMT
EU targets privacy coins while leaving Bitcoin transfers untouched
The European Union has approved anti-money laundering rules that will ban regulated crypto firms from supporting privacy coins while leaving direct Bitcoin transfers between private wallets outside the scope of mandatory identification requirements. According to Regulation (EU) 2024/1624, which will…

crypto.news · Fri, 19 Jun 2026 22:15:24 GMT
Axelar shuts down Secret Network bridge routes after $4.7M exploit
~$4.7M · Axelar has disabled its Secret Network bridge connections after a security incident resulted in the loss of roughly $4.7 million worth of bridged assets. According to Axelar, the exploit affected assets transferred from the Axelar chain to Secret Network through…

crypto.news · bridge exploit · Fri, 19 Jun 2026 20:20:19 GMT
Anime Girls Could Steal Your Crypto as Wallpaper Malware Targets Steam Gamers
Researchers found malicious Wallpaper Engine downloads on Steam Workshop distributing infostealers, backdoors, and account-hijacking malware.

Decrypt · supply-chain attack, social engineering · Fri, 19 Jun 2026 14:39:56 GMT
Namada Shielded Pools — exploit
$600K · Attack method: Protocol Vulnerability. Reported loss ~$600,000. On June 19, 2026, approximately $600,000 in assets (ATOM, USDC, OSMO, TIA, NYM, etc.) were drained from Namada’s Multi-Asset Shielded Pool (MASP) through an IBC Transfer Logic Exploit. The loss initially went unnoticed because a stale indexer continued displaying funds as available, while live RPC queries showed zero balances on the chain. The attacker swept shielded IBC assets cross-chain. Namada confirmed the exploit and is investigating.

SlowMist Hacked DB · smart-contract bug · Fri, 19 Jun 2026 12:00:00 GMT
A short story about Indian scammers who called the cops on themselves: Earlier this week a follower DM'd me from his personal account complaining that 5.73 BTC ($475K) of his was 'unjustly' frozen at Changelly in Mar 2025. So I went and plotted the Bitcoin transaction in my https://t.co/gZxM4dRCW3 [Loss ~$475,000; 5.73 BTC]
@zachxbt: A short story about Indian scammers who called the cops on themselves:

~$475K · @zachxbt · social engineering · Fri, 19 Jun 2026 11:52:19 GMT
"Auditing the code is necessary, but no longer sufficient." At Proof of Talk, CertiK CBO Jason Jiang discussed evolving attack vectors, institutional adoption, AI security, and why security must extend beyond smart contracts. Read the full interview👇 https://t.co/s1Vp2sVTZ7
@CertiK: "Auditing the code is necessary, but no longer sufficient."

CertiK · Fri, 19 Jun 2026 11:31:01 GMT
Microsoft found malware that hijacks crypto wallets and spreads through USB sticks
The software intercepts shortcut files and directs them to install a worm that harvests private keys from the Windows clipboard and inserts its own destination wallet addresses when it detects a transfer.

CoinDesk · private-key compromise, supply-chain attack · Fri, 19 Jun 2026 08:48:14 GMT
North Korea’s crypto hack spree draws fresh G7 warning
G7 leaders urged joint action on North Korea crypto theft as reports tie DPRK hackers to $2.02B stolen in 2025 and missile funding.

crypto.news · social engineering · Fri, 19 Jun 2026 08:35:35 GMT
#CertiKInsight 🚨 @msftsecurity warns about a new crypto clipper active since Feb 2026. The malware monitors the clipboard, steals seed phrases/private keys, captures screenshots, and swaps copied wallet addresses. Stay vigilant!👇 https://t.co/44h2CCoegk
@CertiKAlert: #CertiKInsight 🚨

@CertiKAlert · private-key compromise · Fri, 19 Jun 2026 07:12:21 GMT
#PeckShieldAlert The @Humanityprot exploiter-labeled address has bridged 130 $ETH ($220.6K) from #Ethereum to #BNBChain (381 $BNB) https://t.co/aqcbcQRWa5 [Loss ~$220,600]
@PeckShieldAlert: #PeckShieldAlert The @Humanityprot exploiter-labeled address has bridged 130 $ETH ($220.6K) from #Ethereum to #BNBChain…

~$221K · @PeckShieldAlert · bridge exploit · Fri, 19 Jun 2026 03:46:00 GMT
Morgan Stanley files amendments for ETH and SOL ETFs, revealing lowest fees in market
The disclosure of additional amendments typically reflects active communication with the SEC and progress in the launch process.

The Block · Fri, 19 Jun 2026 02:54:48 GMT
Ex-Celsius CEO Mashinsky gets U.S. CFTC ban in final resolution with regulator
Alexander Mashinsky, the founder of failed crypto lender Celsius, had earlier been imprisoned for fraud and is now formally banned from CFTC registration.

CoinDesk · Thu, 18 Jun 2026 19:26:55 GMT
Quantum computing is an approaching threat to blockchain security. 🔐 For most networks, the cryptographic foundations were never built to withstand it. @QRLedger has been building to address that problem ever since 2018. https://t.co/SshyHndbNW
@HalbornSecurity: Quantum computing is an approaching threat to blockchain security. 🔐

@HalbornSecurity · Thu, 18 Jun 2026 17:00:00 GMT
As social engineering attacks rise, OPSEC matters more than ever. Excited to have Roman, Incident Lead @Quantstamp, at @ETHCincoDeMayo sharing practical ways to lock down your devices, laptops, and accounts! https://t.co/uOPSlAMghj
@Quantstamp: As social engineering attacks rise, OPSEC matters more than ever.

@Quantstamp · social engineering · Thu, 18 Jun 2026 15:18:15 GMT
Securing blockchain infrastructure for institutional adoption means auditing at every layer, not just the smart contracts. 🔐 Our engagement with @RaylsLabs covered smart contract auditing, L1 security assessment, architecture advisory, and cryptographic review. https://t.co/EtzY6neCp1
@HalbornSecurity: Securing blockchain infrastructure for institutional adoption means auditing at every layer, not just the smart contrac…

@HalbornSecurity · smart-contract bug · Thu, 18 Jun 2026 15:00:12 GMT
https://t.co/MzmtARehtY
@spreekaway: https://t.co/MzmtARehtY

@spreekaway · Thu, 18 Jun 2026 14:22:19 GMT
That's right: ZERO. https://t.co/yex0V1k3wi
@spreekaway: That's right: ZERO. https://t.co/yex0V1k3wi

@spreekaway · Thu, 18 Jun 2026 14:12:39 GMT
Passkeys remove seed phrases, but not security risks. From WebAuthn validation to account abstraction, sync, and recovery flows, every layer becomes part of the asset security model. Explore the security considerations for Passkey-based Web3 wallets👇 https://t.co/IsP34cG66u
@CertiK: Passkeys remove seed phrases, but not security risks.

CertiK · Thu, 18 Jun 2026 12:20:00 GMT
🇧🇷 Brazil received ~$318B in crypto this past year—1/3 of LatAm’s total value. But growth attracts more than legitimate users. Our latest research reveals: - Cartel money laundering is the largest identified category of illicit inflows. - Russian sanctions evaders are https://t.co/sEozjcnl3y [Loss ~$318,000,000,000]
@chainalysis: 🇧🇷 Brazil received ~$318B in crypto this past year—1/3 of LatAm’s total value. But growth attracts more than legitima…

@Chainalysis · Thu, 18 Jun 2026 12:09:51 GMT
Rockwell Automation FactoryTalk Historian Site Edition
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to obtain a valid authentication token, perform a denial of service, or crash the system. The following versions of Rockwell Automation FactoryTalk Historian Site Edition are affected: FactoryTalk Historian SE 11 (CVE-2025-13036) FactoryTalk Historian SE <=11.00 (CVE-2025-44019) FactoryTalk Historian SE <=11.00 (CVE-2025-36539) CVSS Vendor Equipment Vulnerabilities v3 7.7 Rockwell Automation Rockwell Automation FactoryTalk Historian Site Edition Concurrent Execution using Shared Resource with Improper S…

CISA Cybersecurity Advisories · access-control flaw, smart-contract bug · Thu, 18 Jun 2026 12:00:00 GMT

Sources: CertiK, ConsenSys Diligence, Cantina / Spearbit, pcaversaccio, Chainabuse, Arkham Intelligence, @PeckShieldAlert, @CertiKAlert, @CyversAlerts, @BlockSecTeam, @AnciliaInc, @Phalcon_xyz, @zachxbt, @SlowMist_Team, @MistTrack_io, @realScamSniffer, @samczsun, @tayvano_, @spreekaway, @_SEAL_Org, @hypernative, @HalbornSecurity, @Beosin_com, @GoPlusSecurity, @Quantstamp, @Chainalysis, @TrugardLabs, DeFiLlama Hacks DB, SlowMist Hacked DB, rekt.news Leaderboard, BlockThreat, Rekt News, SlowMist, Trail of Bits, OpenZeppelin, Zellic, Chainalysis, TRM Labs, Elliptic, CISA Cybersecurity Advisories, SANS ISC, Cointelegraph (Security), crypto.news, The Defiant, The Block, CoinDesk, Decrypt, Protos, Immunefi Audit Reports.

Sources unavailable: Rekt Newsletter (HTTP 403 (native fetch)); Week in Ethereum News (HTTP 403 (native fetch)); Immunefi (Feed not recognized as RSS 1 or 2.); CoinDesk (Crypto) (HTTP 404 (native fetch)); CoinDesk (Regulation) (HTTP 404 (native fetch))

📸 Share image for socials — 1200×630

⬇ Download PNG GM Security daily crypto security briefing

X LinkedIn Bluesky Facebook Threads Reddit Telegram Farcaster Email

Generated by crypto-security-briefing · automated digest, verify before acting.