The most material incidents in the last 72 hours are the Secret Network's Axelar Bridge infinite-mint flaw ($4.7M) and the Cardano wallet self-custody exploit ($2.4M), with THORChain resuming after a $10.7M bridge exploit. Dominant attack vectors are smart-contract bugs and bridge exploits, totaling ~$17.8M in confirmed losses. Governance attacks on ENS DAO and Synthetix, plus social engineering scams, add to the threat landscape. Data is likely incomplete due to a failed Immunefi source.
-
THORChain Resumes Trading After Month-Long Halt From $10.7M Exploit
~$10.7M · The cross-chain DEX restored signing, churning, swaps, and LP actions Tuesday morning, six weeks after an Asgard vault breach drained funds across four chains.
-
Yield Yak — exploit
Attack method: Frontend Attack. According to security firm Blockaid, Yield Yak suffered a frontend attack. Its subdomain vote.yieldyak.com was injected with Eleven Drainer malicious code, posing risks of asset theft upon access. This mirrors a similar frontend attack previously experienced by Gitcoin.
-
DOJ Seizes Huione Infrastructure Linked to Billions in Crypto Laundering
The seizure hits a cloud account that powered Huione Guarantee, a Telegram marketplace tied to billions in Southeast Asian scam proceeds.
-
21Shares says bitcoin’s post-halving price action ‘still looks familiar,’ but sees recovery toward $100,000 by year-end
Bitcoin sits roughly 50% below its $126,000 peak in October 2025 as 21Shares points to a $100,000 base-case recovery by year-end.
-
#CertiKInsight 🚨 We have seen a $263K exploit on the Royalties contract at 0xfE16Ee78828672e86cf8E42d8A5119AB79877EC7 on Polygon. Through 100 zero-value transfers, the attacker exploited flawed settlement logic to stack reward records and claim 100X reward. Stay Vigilant! https://t.co/Jjt2yNwZUc [Loss ~$263,000; Protocols: Polygon]
@CertiKAlert: #CertiKInsight 🚨 -
Best Tools for Monitoring Cryptocurrency Transactions for Fraud and Suspicious Activity | TRM Labs
Learn what the best cryptocurrency transaction monitoring tools must offer to detect fraud and suspicious activity patterns, and why TRM Labs stands out for proactive, risk-based blockchain analytics.
-
Crypto’s Clarity Act Has a New Enemy: Catholic Leaders
A group of 82 Catholic leaders warned a key provision of the crypto bill, protecting software developers from prosecution, could enable human trafficking.
-
BlockThreat - Week 25, 2026
$20M stolen across 13 incidents. Jared Got Sandwiched. DPRK is back at it.
-
ENS DAO Delegates Call Foundation Proposal a Governance Attack as Johnson Self-Delegates
Multiple named delegates escalated opposition to the ENS Foundation empowerment temp check Monday, with Security Council member Brantly Millegan threatening a veto and ENS Labs founder Nick Johnson having self-delegated enough tokens to pass the proposal over their objections.
-
A double-spend bug sat in Zcash's Orchard pool since 2022, through multiple audits and expert reviews. In Part 1, @rabizzzy breaks down what the bug actually was, how it surfaced, and why a counterfeiting flaw in a privacy coin is harder to assess than an exchange hack 👇 https://t.co/enuAv4OITT
@Quantstamp: A double-spend bug sat in Zcash's Orchard pool since 2022, through multiple audits and expert reviews. -
Cardano wallets drained of $2.4M after self-custody exploit
~$2.4M · SecondFi revealed that a small number of Cardano wallets were drained but warned that it might not be able to make every affected user whole. The post Cardano wallets drained of $2.4M after self-custody exploit appeared first on Protos.
-
New York man sentenced for $1.4 million crypto fraud scheme using bogus influencer accounts
A New York man who posed as crypto influencers on Telegram and used false promises of staking rewards was sentenced to 15 months in prison.
-
probably only 5 people in the world care but on 2 may the tornado cash proposal 66 was accepted (i.e. on-chain executed), which means an update to the ui version (tornadocash[.]eth[.]limo and some other domains). today i finally found the time to carefully review the _two new https://t.co/L9N7A5Uil1 https://t.co/ma8jjl4K02
@pcaversaccio: probably only 5 people in the world care but on 2 may the tornado cash proposal 66 was accepted (i.e. on-chain executed… -
We are proud to share that we have completed our XRP Ledger Lending Protocol Re-Audit for @Ripple! 🔐 The Lending Protocol is an XRP Ledger DeFi primitive that enables on-chain, fixed-term, uncollateralized loans using pooled funds from a Single Asset Vault. https://t.co/RUAhKlajZ0
@HalbornSecurity: We are proud to share that we have completed our XRP Ledger Lending Protocol Re-Audit for @Ripple! 🔐 -
Better-informed policy is good for everyone building in this space. OPSeC gives our industry a way to make that happen by curating free security resources, hosting educational events, and ensuring technical frameworks reach the policymakers who need them. Learn more: https://t.co/Cm93TRkLNR https://t.co/SIwdtmjG4z
@_SEAL_Org: Better-informed policy is good for everyone building in this space. OPSeC gives our industry a way to make that happen… -
Privacy Contracts Audit
Summary Type: DeFi Timeline: 2026-03-18 → 2026-03-31 Languages: Cairo Findings Total issues: 11 (6 resolved) Critical: 0 (0 resolved) · High: 0 (0 resolved) · Medium: 2 (2 resolved) · Low: 5 (1 resolved) Notes & Additional Information 4 notes raised (2 resolved) Client Reported Issues 0 reported issues (0 resolved)
-
Thailand Expands Crypto Mining Probe Into $300M Chinese Laundering Network
Thailand's DSI says a Chinese "grey capital" network used illegal crypto mining and cash mules to launder more than $300 million a year.
-
Siemens SIPROTEC 5 Using DIGSI5 Protocol
View CSAF Summary SIPROTEC 5 is vulnerable to arbitrary file uploads by authenticated users using the DIGSI 5 protocol. This could allow an attacker to upload malicious configuration files, potentially causing a permanent denial of service condition. As a mitigation measure, users of the CP050 and CP150 device models are advised to upgrade to version 9.90 or later. For CP300 device models, devices 7ST85 and 7ST86 are advised to upgrade to version 10.00 or later, while the remaining models should upgrade to version 9.90 or later. These versions introduce an allow-list feature that restricts ar…
-
Yesterday, OFAC issued sanctions against ISIS-supporting financiers that moved crypto across borders for the terror group. Among the targets: Syria-based MSB Bitcoin Xchange and Turkish MSB Spider. Read more here: https://t.co/QPTYWYl7Io [Protocols: across]
@chainalysis: Yesterday, OFAC issued sanctions against ISIS-supporting financiers that moved crypto across borders for the terror gro… -
🔥Glad to support @HTX_DAO’s HTX Genesis Hackathon as a security partner! Hosted by HTX DAO & https://t.co/WRWRExdtkS, this global hackathon focuses on AI × Web3 innovations in smart finance, AI Agents, and on-chain infrastructure. $20,000 prize pool + $100k compute power and https://t.co/tSJUyLBCJy [Loss ~$20,000]
@SlowMist_Team: 🔥Glad to support @HTX_DAO’s HTX Genesis Hackathon as a security partner! -
Excited to see our CTO @kang_li join #MYBW2026 as a Star Speaker. Dr. Kang Li will share insights on blockchain security, infrastructure resilience, and building safer digital asset ecosystems. See you in Kuala Lumpur.🇲🇾 https://t.co/fxosnj4pdp
@CertiK: Excited to see our CTO @kang_li join #MYBW2026 as a Star Speaker. -
Treasury Sanctions Three Individuals and Six Entities for Routing Crypto to ISIS
OFAC designated three financial facilitators and six money service businesses across Europe, Syria, Turkey, and Nigeria for moving funds to ISIS and its West Africa affiliate using crypto, including two TRON addresses tied to a French national.
-
Synthetix Governance Votes to Retire sUSD, Pay Holders in Vested SNX
Synthetix governance has moved to retire sUSD entirely under SIP-423, introduced June 12. The proposal would freeze the stablecoin contract and pay all holders back at face value in vested SNX at a conversion of four SNX per sUSD. A companion SIP-424 covering technical implementation is pending.
-
guys 😭 https://t.co/LGBXxmyoFF https://t.co/Z6O7asZ6OP
@tayvano_: guys 😭 https://t.co/LGBXxmyoFF https://t.co/Z6O7asZ6OP -
OFAC Sanctions ISIS Operators for Financing Terror Group with Crypto
Summary OFAC designated three individuals and six entities across Europe, the Middle East, and West Africa for facilitating financial transactions… The post OFAC Sanctions ISIS Operators for Financing Terror Group with Crypto appeared first on Chainalysis.
-
Secret Network's Axelar Bridge Drained $4.67M via Infinite-Mint Flaw
~$4.7M · Secret Network's cross-chain bridge to Axelar has been suspended after an attacker exploited a years-old minting flaw in a CW20-ICS20 contract to drain $4.67 million in wrapped tokens over seven undetected days. The exploit ran from June 10 to June 17, drained seven Axelar-wrapped assets, and has
-
Oh shit Brazil’s govt also got pwn’d by Mythos. https://t.co/V0rSWLvkqt
@tayvano_: Oh shit Brazil’s govt also got pwn’d by Mythos. https://t.co/V0rSWLvkqt -
a16z-Backed Goldfinch Finance Winds Down After Originating $100M in Loans
Warbler Labs posted an official governance proposal on June 12 to wind down Goldfinch Prime and move the protocol to maintenance mode. A Snapshot vote is passing 100% in favor. Depositors face a two-or-more-year recovery horizon as GFI trades 99.8% below its January 2022 all-time high.
-
What separates a high-caliber security audit from a surface-level one? 🤔 Our SVP Security & Field CISO @urruts was on the @QRLedger Show to explain how blockchain security audits work, Halborn's approach, and how AI is changing the space. 📺 Watch: https://t.co/bAhwd2DSTz https://t.co/LIJcUgtKx1
@HalbornSecurity: What separates a high-caliber security audit from a surface-level one? 🤔
Sources unavailable: Immunefi (Invalid character in tag name Line: 34 Column: 49 Char: @)
Generated by GM Security · automated digest, verify before acting.