⬢ GM Security — 2026-06-25: $63.4M across 30 incidents

Daily crypto security briefing

2026-06-25 13:14 UTC · last 72h · 30 items · $63.4M reported losses · 49 sources

📊 Trend tracker

• 23 new today · 7 developing
• 7-day: 144 incidents, $975.9M stolen (+1025% vs prior week)
• 30-day: 190 incidents, $1.06B stolen
• 7-day vectors: smart-contract bug (25), social engineering (15), private-key compromise (7)
• Repeat targets (30d): certik (6), bitcoin (6), tornadocash (5), thetanuts (5), aztecconnect (4)

Last 24 hours

• [SCAM · NEW] @PeckShieldAlert: #PeckShieldAlert Our community member has reported that @gnosis_ 's X account has been compromised. Do *Not* interact w… (@PeckShieldAlert)
• [ADVISORY · NEW] @tayvano_: To be clear: these guys rolled their own crypto so fucking hard that anyone could get your private key from public info… (@tayvano_)
• [ADVISORY · NEW] @SlowMist_Team: 🚨 SlowMist TI Alert 🚨 (@SlowMist_Team)
• [ENFORCEMENT · NEW] $47M in Crypto Frozen in Global Infostealer Takedown: Europol — ~$47.0M (Decrypt)
• [ADVISORY · NEW] @CertiK: Most RWAs are Treasuries. @XDCNetwork is different. — ~$860.0M (CertiK)
• [ADVISORY · DEVELOPING · day 6] @Phalcon_xyz: 🗓 Weekly Web3 Security Roundup | Jun 15 - Jun 21 — ~$18.3M (@Phalcon_xyz)
• [ENFORCEMENT · NEW] CoinEx denies claims it served as $3.84 billion gateway to sanctioned Iranian crypto firms (CoinDesk)
  also: TRM Labs · The Block
• [EXPLOIT · NEW] @PeckShieldAlert: #PeckShieldAlert The #KyberSwap exploiter-labeled address moved another 2K $ETH to #TornadoCash. (@PeckShieldAlert)
• [ENFORCEMENT · NEW] Thailand issues arrest warrant for Chinese businessman tied to $28 million illegal crypto mining probe: report — ~$28.0M (The Block)
  also: Decrypt
• [ENFORCEMENT · NEW] China hands death sentence to convict who laundered $7M through crypto — ~$7.0M (crypto.news)
• [EXPLOIT · NEW] @CertiKAlert: #CertiKInsight 🚨 — ~$47.0M (@CertiKAlert)
  also: @CertiKAlert
• [OTHER · NEW] Ethereum price holds $1,600 as whales buy the dip (crypto.news)
• [OTHER · NEW] XRP slides 2.8% as weak bounce keeps $1 support in focus (CoinDesk)
• [EXPLOIT · NEW] @HalbornSecurity: A deprecated contract isn't a dead contract. ⚠️ — ~$2.1M (@HalbornSecurity)
• [SCAM · NEW] Fake Crypto Influencer Gets 15 Months for $1.4M Telegram Staking Fraud — ~$1.4M (Decrypt)
• [OTHER · NEW] Zcash eyes 15% drop as price approaches critical $400 support (crypto.news)
• [EXPLOIT · NEW] @pcaversaccio: the latest tornado cash proposal 67 is _malicious_: https://bafybeie5hxovqc4ifcnrnhvmjbefxgeix6oqvzaspyytdxiyscji22v5pu… (pcaversaccio)
• [OTHER · NEW] @tayvano_: They did it. They actually did it. (@tayvano_)
• [OTHER · NEW] @PeckShieldAlert: #PeckShieldAlert $MIM has dropped -36% to 0.5 (@PeckShieldAlert)
• [OTHER · NEW] @tayvano_: Ex-Ethereum Foundation Researchers Launched Their Own Lab https://t.co/U3uxZwlFEN (@tayvano_)
• [ENFORCEMENT · NEW] @chainalysis: Today, the DOJ seized tech used by the crime-facilitating Huione Group to transfer and launder billions of dollars in f… (@Chainalysis)
  also: Decrypt
• [OTHER · NEW] @spreekaway: But surely he won't do it below 1.0. (@spreekaway)
• [OTHER · DEVELOPING · day 5] @spreekaway: https://t.co/a7RQYh6vQU (@spreekaway)

Earlier · 24–72h

• [EXPLOIT · DEVELOPING · day 2] Yield Yak — exploit (SlowMist Hacked DB)
• [EXPLOIT · NEW] Aztec Bridge - Rekt — $2.2M (rekt.news Leaderboard)
• [EXPLOIT · DEVELOPING · day 2] THORChain Resumes Trading After Month-Long Halt From $10.7M Exploit — ~$10.7M (The Defiant)
• [OTHER · DEVELOPING · day 2] Crypto’s Clarity Act Has a New Enemy: Catholic Leaders (Decrypt)
• [EXPLOIT · DEVELOPING · day 2] BlockThreat - Week 25, 2026 (BlockThreat)

🧠 Deep reads

• MemeCore's M token suddenly crashes 80% with no clear trigger (CoinDesk)
• Best Tools for Monitoring Cryptocurrency Transactions for Fraud and Suspicious Activity | TRM Labs (TRM Labs)

💡 Security thought-spark

Today's spike in private-key compromise incidents (items 4, 5) and the Tornado Cash malicious governance proposal (item 3) highlight that trust in both custom cryptographic implementations and DAO governance processes is a single point of failure—audit your key generation code and enforce mandatory timelock delays for all on-chain proposals.

Full data: https://gmsecurity.net/briefing.json. Feedback or a source to add? [email protected]. George Donnelly offers Web3 development & security consulting.