Security

Stay informed on cybersecurity and blockchain security news, including smart contract vulnerabilities, protocol exploits, phishing attacks, wallet security, data breaches, and emerging threats. Learn about security best practices, industry responses, and developments aimed at protecting users and digital assets.
Featured only
7h ago
Drift Protocol rebrands as Velocity DEX with $127.5 million Tether credit line
Drift Protocol said it has rebranded to Velocity DEX and secured a $127.5 million credit line from Tether. The relaunch follows an April 1, 2026 exploit attributed to North Korea’s Lazarus Group that resulted in losses of more than $280 million. Drift was previously a leading Solana-based perpetual futures platform, and the incident hit confidence in Solana’s derivatives infrastructure. The credit line is intended to rebuild liquidity and user confidence, while on-chain flows and adoption remain under scrutiny.
SOL
SOL+3.46%
7h ago
14h ago
Fake Polymarket trading bot on GitHub spreads infostealer via 30 malicious npm packages
Hackers posted an open-source project on GitHub disguised as a Polymarket prediction-market trading bot, using it to distribute an infostealing trojan through 30 malicious npm packages. The malware can steal high-risk credentials including crypto wallet private keys and passwords saved in browsers. At least 53 developers have been affected. The incident highlights security weaknesses in DeFi developer toolchains and automated trading infrastructure, even though it did not directly target any specific blockchain or protocol.
ETH
ETH+2.10%
14h ago
22h ago
NEAR Intents and SimpleSwap promote intent-based execution to replace legacy cross-chain bridges as losses exceed $2.8B
In April 2026, one cross-chain protocol lost $292 million after an attacker used a forged authorization message. As of July 1, 2026, cumulative losses tied to cross-chain bridges have topped $2.8 billion. The article says NEAR Intents and SimpleSwap are pushing intent-based execution as an alternative to higher-risk, legacy bridges. It adds that while NEAR could benefit as a core infrastructure provider, the broader security record is fueling systemic concerns about cross-chain liquidity.
NEAR
NEAR+4.31%
22h ago
1d ago
Hackers Steal $75.87 Million From Crypto Platforms in June 2026
安全公司PeckShield数据显示,2026年6月全球加密平台共遭遇40起黑客攻击,累计损失7587万美元。攻击主要集中在跨链桥、智能合约及私钥泄露环节。Humanity Protocol成为当月损失最严重的项目。该数据延续了上半年高频安全事件趋势,但未指向单一头部协议或底层公链的系统性漏洞。事件属行业级风险再暴露,不涉及监管政策变更或宏观变量突变,影响集中于DeFi及桥接生态参与者的信心与资金流。
ETH
ETH+2.10%
1d ago
1d ago
Q2 2026 DeFi hacks hit $780.3 million across 88 incidents, turning yields into a hidden liquidity tax
DeFi suffered 88 hacks with known dollar amounts in Q2 2026, with total losses of $780.3 million through June 30. April accounted for $644.8 million, while May and June added a combined $135.4 million across dozens of incidents. Bridge-related hacks were tagged at $353.4 million, and DeFi protocol-targeted entries made up $735.8 million of the quarter’s total, according to DeFiLlama’s hacks tracker. The data suggest exploit pressure has shifted from isolated events to ongoing strain across multi-chain infrastructure such as bridges, oracles, frontends, signing systems, and contract logic.
Selected
A
A+0.67%
1d ago
6-18
Headline claims a major Bitcoin attack succeeded while the Fed served as a distraction
The headline alleges that the Federal Reserve was used as a distraction and that a major attack on Bitcoin has succeeded. No technical details, timing, losses, or responsible party are provided. The text does not specify whether the alleged incident involved an on-chain exploit, an exchange hot-wallet theft, or an infrastructure disruption such as a mining pool takeover. As presented, it signals a serious security warning but offers no verifiable facts to support the claim.
BTC
BTC+2.30%
6-18
6-16
Unverified social media post urges caution for users holding crypto on KuCoin, Bybit and MEXC
A social media post is warning users to be cautious if they hold crypto assets on KuCoin, Bybit, or MEXC. The post does not specify any incident, timeframe, affected assets, or verifiable details such as losses or service disruptions. With no official statement cited, the message remains an unconfirmed risk alert whose market relevance would depend on whether operational issues later materialize.
Selected
C
C-3.30%
6-16
6-15
Dormant Ethereum DeFi protocol idle for more than three years hacked
A DeFi protocol that had been idle on Ethereum mainnet for more than three years was hacked. Although the project saw no active interactions for an extended period, some user assets had not been withdrawn and remained in the contracts. The attack led to a portion of those funds being stolen, but no specific loss amount was disclosed. The incident highlights security risks that can build up in long-tail DeFi projects when maintenance stalls.
ETH
ETH+2.10%
6-15