Paradex Pricing Glitch Briefly Values Bitcoin at Zero, Causing Mass Liquidations and Chain Rollback
A technical error during scheduled maintenance on the Starknet-based DEX Paradex caused Bitcoin’s price to flash at $0, triggering widespread liquidations. The platform rolled back its chain state to a known good block, force-cancelling open orders and restoring pre-maintenance account balances. Recovery modes and withdrawal restrictions remained in place while the team continued assessment.
DeadLock Ransomware Exploits Polygon Smart Contracts to Evade Takedowns
Cybersecurity firm Group-IB warns that the DeadLock ransomware is leveraging Polygon smart contracts to rotate proxy server addresses, making its command-and-control infrastructure highly resilient. The on-chain technique allows attackers to update their proxy endpoints without centralized servers, complicating disruption efforts.
Jefferies Analyst Warns Quantum Computing Could Compromise Bitcoin Cryptography
Jefferies global head of equity strategy removed bitcoin from his long-term model portfolio, citing the existential risk posed by cryptographically relevant quantum computers. A ChainCode Labs report warns that a sufficiently powerful quantum machine could derive private keys from public keys in days, threatening up to 50% of circulating BTC.
Crypto.com reports $30 million breach in Bitcoin and Ethereum hack
Crypto.com disclosed a security breach resulting in unauthorized withdrawals totaling 4,836 ETH and 443.93 BTC, worth over $30 million, after attackers bypassed two-factor authentication. The exchange has reimbursed affected users and enhanced wallet security measures.
Tether freezes $182M USDT across five Tron wallets
Tether executed one of its largest single-day enforcement actions by immobilizing approximately $182 million in USDT across five wallet addresses on the Tron blockchain after receiving a formal law enforcement request. The freezes, ranging from $12 million to $50 million per address, underscore Tether’s compliance framework launched in December 2023 and its cooperation with global sanctions regimes.
Truebit Token Crashes 99% After $26M Ethereum Exploit
Truebit reported a smart-contract exploit that drained approximately 8,535 ETH (around $26 million), triggering a 99% collapse in its TRU token price. The team acknowledged the breach, confirmed contact with law enforcement, and warned users to avoid the compromised contract address.
Truebit Token Crashes 99% After $26M Exploit
The Truebit protocol suffered a security breach on January 8, 2026, allowing the attacker to drain 8,535 ETH (≈$26.6 million) via a mispriced mint function. The TRU token price plunged by over 99%, and the team has engaged law enforcement to mitigate losses.
Stablecoins Overtake Bitcoin in Dark Web Crime
Chainalysis data shows stablecoins represented 84% of the $154 billion illicit transaction volume in 2025. The shift displaced Bitcoin in dark web crime and empowered large-scale money laundering and state-sponsored evasion operations.
Ledger Faces Fresh Data Breach via Payment Processor Global-e
Hardware wallet maker Ledger confirmed a data exposure incident stemming from its payment partner Global-e. Customer names and contact details were accessed, though private keys and payment data remain secure. Affected users have been notified and advised to monitor for phishing.
$35 million cryptocurrency theft linked to LastPass data breach
Blockchain investigators traced a $35 million crypto theft from LastPass users to Russian cybercriminal infrastructure. Attackers converted stolen assets through mixing services before funneling funds to sanctioned Russian exchanges, revealing coordinated laundering phases over multiple years.
'Hundreds' of EVM wallets drained in mysterious attack
An attacker has drained small sums from hundreds of EVM‐compatible wallets across multiple chains in a wide‐scale exploit. On‐chain investigator ZachXBT linked the incident to the December Trust Wallet hack, warning users to revoke approvals and enhance security.
From Bybit to GMX: The 10 biggest crypto hacks of 2025
Crypto attackers siphoned an estimated $2.2 billion across the ten largest security breaches in 2025, including record thefts at Bybit, Cetus, Balancer V2, and more, highlighting persistent infrastructure risks.
Trust Wallet confirms $8.5M supply-chain hack via leaked Chrome API key
Trust Wallet confirmed that a malicious Chrome extension update caused a supply-chain hack with $8.5 million in stolen funds. Attackers used a leaked Google Chrome Web Store API key to push a compromised extension and exfiltrate mnemonic seed phrases.
Arrest made in $355M Coinbase insider extortion scheme
Coinbase reported the arrest of a former support agent in India tied to a $355 million insider extortion plot that targeted nearly 70,000 customers. Investigation highlights gaps in outsourced security controls and underscores regulatory scrutiny of exchange access workflows.
Flow Network Exploit Triggers Panic Selling, Plunges Price by 46%
An attacker exploited a vulnerability in Flow’s execution layer on Dec. 27, draining $3.9 million by routing funds through Celer, Debridge, Relay and Stargate bridges. Networks and exchanges froze exit paths, yet panic selling pushed FLOW down 46% to a new low before partial rebound.
Trust Wallet Browser Extension Breach Drains $7M From Users
Trust Wallet browser extension version 2.68 was compromised on December 26, 2025, resulting in unauthorized drains of approximately $7 million from hundreds of user wallets. Blockchain investigator ZachXBT and PeckShield identified the exploit, prompting an emergency update to version 2.69 and assurances of full compensation. The breach highlights persistent risks in browser-based wallets.
Trust Wallet Browser Extension Incident Drains Over $6M in Crypto
A supply-chain compromise of the Trust Wallet Chrome extension led to seed phrase imports being intercepted and user wallets drained of over $6 million across multiple blockchains, according to on-chain analysis and community reports. The issue centered on a malicious JavaScript payload in version 2.68 released December 24, which monitored imported seed phrases and transmitted them to an attacker-controlled domain before initiating immediate unauthorized transfers. Trust Wallet has acknowledged the incident, advising users to disable version 2.68 and upgrade to the patched 2.69 release.
North Korean Groups Account for $2.7B Crypto Hacks in 2025
Crypto hacks reached a record $2.7 billion in 2025, led by state-linked North Korean groups responsible for over $2 billion in thefts, including the $1.5 billion Bybit heist. Centralized exchanges and DeFi protocols both suffered high-impact breaches.
Polymarket Accounts Hacked via Third-Party Auth Vulnerability
Decentralized prediction market Polymarket reported user account breaches linked to a third-party authentication provider. Affected wallets, created via Magic Labs email login, suffered unauthorized fund transfers. Polymarket has patched the flaw and will notify impacted users.
Gnosis announces hard fork to recover funds from Balancer exploit
Gnosis Chain operators executed a hard fork to recover assets from a November Balancer exploit that siphoned about $116 million in crypto. The fork follows a prior soft fork and aims to enable affected users to reclaim lost funds.
North Korea-Linked Hackers Stole Over $2 Billion in Crypto in 2025
North Korean–linked hackers stole $2.02 billion in cryptocurrency in 2025 despite fewer overall attacks, driven by high-value breaches such as the $1.5 billion Bybit exploit and sophisticated laundering cycles targeting institutional assets.
Binance Co-CEO WeChat Account Compromised to Promote MUBARA Pump-and-Dump
Binance co-CEO Yi He’s official WeChat account was breached and leveraged to endorse the MUBARA memecoin in a coordinated pump-and-dump. On-chain analysis shows two newly created wallets purchased 21.16 M tokens with 19,479 USDT, later dumping 11.95 M for 43,520 USDT, netting a $55,000 profit while retail traders suffered losses.
Anthropic AI Agents Expose Smart Contract Security Flaws
Anthropic’s AI agents autonomously reconstructed 19 of 34 real smart contract exploits, extracting $4.6 million in simulated value at $1.22 per contract. Exploit automation now rivals traditional audits, necessitating continuous AI-driven adversarial testing in CI/CD pipelines.
Swiss and German authorities shut down cryptomixer.io in money laundering crackdown
Swiss and German law enforcement seized servers and domains of cryptomixer.io, confiscating over €25 million in bitcoin and 12 TB of data. The operation targeted one of the largest crypto tumblers used for illicit transfers.
European Cops Shut Down Cryptomixer Laundering Service
A coalition of law enforcement agencies coordinated by Europol seized the Cryptomixer platform and infrastructure, alleging it laundered over €1.3 billion in bitcoin since 2016. Authorities confiscated three servers, the domain cryptomixer.io and €25 million in bitcoin. The operation targeted ransomware and darknet operators using the service to obfuscate illicit funds.
Yearn Finance DeFi hack exploits yETH vulnerability draining $9M
A vulnerability in Yearn Finance’s legacy yETH token contract enabled an attacker to mint trillions of tokens and drain approximately $9 million from stableswap pools on November 30. The stolen ETH was laundered via Tornado Cash, while V2 and V3 Vaults remained unaffected.
Solana traders targeted by covert browser extension siphoning swap fees
A malicious Chrome extension named Crypto Copilot siphoned fees from Raydium swaps by appending hidden transfer instructions to transactions since June, remaining undetected until flagged by cybersecurity firm Socket.
South Korea suspects North Korea behind Upbit hack
South Korean authorities suspect North Korean Lazarus Group orchestrated an unauthorized withdrawal of 44.5 billion won from Upbit, triggering system inspections and forensic analysis linking the breach to a 2019 heist.
Balancer DAO Considers $8M Recovery Plan After $110M Exploit
Following a November 3 smart-contract exploit that drained $110 million from Balancer v2 vaults, Balancer DAO on November 27 began discussing a plan to distribute $8 million in recovered assets to affected liquidity providers. The proposal includes white-hat bounties and a pro-rata reimbursement mechanism.
Upbit Reports $36M Loss in Solana Hot-Wallet Breach
South Korea’s largest crypto exchange detected unauthorized transfers from its Solana hot wallet, resulting in a $36 million loss across multiple tokens. Remaining assets were moved to cold storage and on-chain freezes are in coordination. Upbit pledged full reimbursement from parent company funds to protect user balances.
Upbit Suspends Solana Token Withdrawals After $37M Irregular Activity
South Korea’s leading exchange halted deposits and withdrawals after detecting irregular Solana token transfers totaling about $37 million. The platform will cover all losses, froze assets worth roughly 12 billion won, and is collaborating with law enforcement. Withdrawal services will resume once security audits are complete.
Cardano Network Experiences Temporary Chain Split After AI-Script Exploit
A malformed transaction caused a brief divergence in the Cardano blockchain, as newer node versions accepted the malformed data while older nodes rejected it. The incident prompted an emergency patch and network-wide upgrade. Cardano’s co-founder described the event as a targeted attack by a disgruntled stake-pool operator.
Aerodrome Finance Suffers Front-End DNS Hijacking, Users Warned of Phishing Risk
Aerodrome Finance on Coinbase’s Base network was targeted by a front-end DNS hijack, redirecting users to phishing domains. Smart contracts remained secure; users urged to revoke approvals and use ENS mirrors to interact safely.
ICIJ Investigation Reveals Crypto’s Criminal ‘Coin Laundry’ Financial Network
The ICIJ investigation uncovered extensive crypto-backed money laundering networks operating through major exchanges such as Binance, Coinbase and Kraken. The probe involved over 100 journalists from 35 countries exposing flows tied to drug cartels, people trafficking and sanctioned entities. The series highlighted gaps in compliance and called for stronger cross-border regulatory cooperation.
Suspected $30M Manipulation Causes $4.9M Loss on Hyperliquid
A suspected $30 million market manipulation on Hyperliquid triggered $4.9 million in losses after a trader used $3 million USDC to create a fake buy wall, causing forced liquidations. The exchange paused its Arbitrum bridge to stabilize liquidity.
China Alleges U.S. Seizure of 127K BTC in 2020 Mining Pool Hack
China’s National Computer Virus Emergency Response Center (CVERC) claims that U.S. authorities seized 127,000 BTC stolen in a 2020 hack of a Chinese mining pool. The U.S. government disputes the accusation, maintaining that the action targeted criminal proceeds under law enforcement protocols.
$120M Balancer hack exploited rounding bug across chains
A rounding-error vulnerability in Balancer’s batch-swap logic was leveraged to siphon over $120 million, exploiting mismatches between token decimal handling. Affected chains froze funds and emergency hard forks were deployed to safeguard users.
Macro Headwinds and Balancer Hack Trigger Crypto Sell-Off
Global markets faced renewed selling on November 3 as US rate concerns and a $128.6 million exploit on the Balancer DeFi protocol prompted widespread liquidations. Bitcoin dipped below $108,000, and Ethereum fell to nearly three-month lows amid $1.16 billion in liquidations. Institutional outflows from Bitcoin and Ethereum ETFs compounded bearish momentum.
Crypto Hacks Plunge 85% in October to Lowest Losses of 2025
Crypto hack losses declined 85.7% in October 2025 to $18.18 million across 15 incidents, the lowest monthly total of the year. Garden Finance, Typus Finance, and Abracadabra accounted for most losses. Experts caution new attack vectors remain a risk.
T3 Financial Crime Unit, Backed by Tron, Tether, TRM Labs, Has Now Frozen $300M in Assets
The T3 Financial Crime Unit reported freezing $300 million in illicit funds within its first year. Formed by Tether, Tron and TRM Labs, the task force evolved into a global enforcement model, collaborating with law enforcement across five continents. The milestone underscores industry-led anti-crime capabilities.
XRP Investor Reports $3M Theft from Ellipal Cold Wallet
A long-time XRP holder discovered a $3 million loss after importing his hardware wallet seed into Ellipal’s mobile app, which converted it into a hot wallet. On-chain analyst ZackXBT traced the October 12 funds movement across multiple swaps and OTC venues. Ellipal attributes the breach to user error, warning against entering cold wallet seeds into internet-connected apps.
Singapore court approves WazirX recovery scheme for hack victims
Singapore’s High Court approved the WazirX restructuring plan, enabling customers to recover up to 55% of the $235 million stolen in the July 2024 hack. The scheme mandates fair distribution of recovered assets and oversight by the appointed scheme administrator. Approval marks a significant step in restitution for affected users and sets a precedent for crypto exchange insolvency proceedings.
Uphold research chief alleges targeted Binance margin exploit
Dr. Martin Hiesboeck of Uphold Research claimed the October 10–11 crypto crash was a targeted attack exploiting a flaw in Binance’s Unified Account margin system. The exploit allegedly used unstable collateral pricing for USDe, BNSOL and WBETH to trigger cascading liquidations. Binance has acknowledged dislocations and pledged compensations alongside risk control enhancements.
Ethena’s USDe Briefly Loses Peg During $19B Crypto Liquidation Cascade
Stablecoin USDe deviated from its $1 peg amid a $19 billion market liquidation wave, dropping to $0.996 before recovering within hours. Ethena Labs confirmed that mint and redeem functionality remained operational and collateral levels held above required thresholds.
PancakeSwap Chinese X account hack fails to dent CAKE gains, token jumps 16%
PancakeSwap’s Chinese-language X account was compromised, with attackers promoting a fake “Mr. Pancake” token amid a meme coin frenzy. Despite the breach, CAKE surged 16% to $4.52, reflecting strong trading momentum on BSC. The incident highlights escalating phishing threats across Binance Smart Chain channels.
Griffin AI Relaunches GAIN Token After $3M Bridge Exploit
Griffin AI resumed GAIN token trading on major exchanges after a September bridge exploit that minted 5 billion counterfeit tokens. A $2.5 million buyback fund was established to compensate legitimate holders and restore investor confidence.
HyperDrive DeFi Loses $773K in Router Exploit
A critical router contract vulnerability in Hyperliquid’s HyperDrive DeFi was exploited, resulting in a $773,000 loss from two Treasury Bill market accounts. Stolen funds were bridged to BNB Chain and Ethereum via deBridge. HyperDrive paused money markets and launched an investigation with security experts.
UXLink hack turns ironic as attacker gets phished mid-exploit
A breach of UXLink’s multisignature wallet allowed a hacker to mint 10 trillion UXLINK tokens and steal over $30 million in assets, only for the perpetrator to lose a large portion of the ill-gotten tokens in a phishing attack.
Blockchain networks will stop crypto deepfake scams
Centralized deepfake detectors are failing to prevent AI-powered crypto fraud, prompting development of blockchain-based detection networks that reward independent model providers to verify authenticity onchain in real time.
Monero sustains 7% rally despite 18-block chain reorg
Monero’s XMR token rallied over 7% after an 18-block reorg reversed approximately 117 transactions. Attack attributed to Qubic, which controls over 51% of network hash rate. Community explores DNS checkpoints and consensus changes to prevent future reorganizations.
BONE Price Surges 40% After Shibarium Flash Loan Exploit
Shibarium, Shiba Inu’s layer-2 network, was hit by a flash loan exploit allowing an attacker to acquire 4.6 million BONE tokens, seize validator power, and drain bridge assets. The breach paused staking operations, secured remaining funds in multisig hardware wallets, and involved security firms and law enforcement amid estimated losses near $3 million.
This Invisible ModStealer Targets Browser Crypto Wallets
Malware strain ModStealer uses obfuscated NodeJS scripts to evade antivirus detection and target 56 browser wallet extensions for private key theft. Distribution occurs via malicious recruiter ads across Windows, Linux, and macOS. Functionality includes data exfiltration, clipboard hijacking, and remote code execution.
Ledger CTO warns of NPM supply-chain attack impacting over 1 billion downloads
Ledger’s CTO Charles Guillemet alerted developers to a large-scale supply-chain breach of an NPM account, with malicious code inserted into popular JavaScript packages downloaded over 1 billion times. The code swaps wallet addresses in transactions, risking fund diversion. Users urged to use hardware wallets with secure screens to verify details.
SwissBorg hacked for $41 million in SOL after staking partner API breach
SwissBorg revealed that hackers exploited a vulnerability in its staking partner Kiln’s API, draining 193,000 SOL (≈$41 million) from its Solana Earn program. Impacted users represent about 1 percent of base and 2 percent of assets. SwissBorg pledged full reimbursement and is collaborating with authorities to investigate.
Nemo Protocol on Sui Exploited for $2.4M USDC
Nemo, a Sui blockchain yield protocol, suffered a $2.4 million exploit when a malicious actor moved USDC from Arbitrum to Ethereum. Total value locked dropped from over $6 million to $1.53 million. Peckshield traced the attack via blockchain analytics.
Ripple’s SEC Battle Is Over: Time to Challenge SWIFT?
Following the SEC’s decision to drop its lawsuit against Ripple, industry observers question whether XRP can now compete with SWIFT for cross-border payments, offering faster settlement and lower fees.
Phishing Scams Cost Crypto Users Over $12M in August
Crypto phishing attacks siphoned more than $12 million from users in August, marking a 72% month-on-month increase, according to data from Scam Sniffer. The report identified 15,230 victims, with the largest single loss exceeding $3 million, underscoring the need for enhanced vigilance and security measures across the crypto ecosystem.
'If They Can Do It to Sun, Who's Next?' Say Insiders as WLFI Claims Freeze Was to 'Protect Users'
World Liberty Financial froze hundreds of wallets, including Justin Sun's, to protect users from phishing-related compromises after onchain data showed Sun’s transfers followed WLFI’s crash. Insiders attribute the drop to widespread shorting and dumping across exchanges.
Coinbase AI Coding Tool Vulnerable to CopyPasta Exploit
Coinbase’s AI-powered code assistant is exposed to a prompt injection technique dubbed ‘CopyPasta’ that hides malicious instructions within markdown comments. The exploit can cause unauthorized code execution and data exfiltration across generated files. Coinbase is investigating and working on mitigations.
Elliptic Unveils Crime-Tracking Tool as Stablecoins Enter the Mainstream
Elliptic launched a Stablecoin Issuer Due Diligence product designed for banks and compliance teams. The tool tracks stablecoin flows across blockchains, aiding institutions in monitoring addresses tied to Tether and Circle to mitigate money-laundering risks.