attack

After KelpDAO was attacked, resulting in a loss of $292 million, the industry's scrutiny of the security of cross-chain infrastructure has intensified. Approximately $4 billion in assets have completed or are in the process of migrating from LayerZero to Chainlink's Cross-Chain Interoperability Protocol (CCIP). The DeFi protocol Lombard is the latest project to join this migration trend. The protocol announced it would discontinue the use of LayerZero and migrate over $1 billion in Bitcoin-backed assets to Chainlink CCIP, stating that this decision stemmed from a comprehensive internal security review following the April attack incident.Lombard issues two types of Bitcoin-backed tokens—LBTC and BTC.b—and will prioritize the migration of assets on chains such as Solana, Etherlink, Berachain, Corn, and TAC, while terminating the use of LayerZero on Morph and Swell. Lombard stated that the reason for choosing CCIP is its independent node operators, built-in rate limiting mechanisms, and audited infrastructure. Additionally, the protocol will adopt Chainlink's cross-chain token standard to facilitate asset cross-chain circulation through a burn-and-mint model.Previously, Kelp DAO, Solv Protocol, Re, and the cryptocurrency exchange Kraken have all completed similar migrations, with these projects collectively transferring approximately $4 billion in assets. Chainlink Labs Chief Business Officer Johann Eid stated, "We are witnessing a continued wave of risk-averse migration within the industry."

THORChain has announced that one Asgard vault has been attacked, and trading has been suspended. Initial signs indicate that user funds are safe, and only the protocol's own funds are affected. THORChain stated that the network automatically detected abnormal behavior and suspended signing activities to prevent further fund transfers. The estimated loss is currently around $10.7 million.The announcement mentioned that one of the six Asgard vaults is suspected to have been breached, and related nodes have triggered the RUNE staking penalty mechanism due to unauthorized transfers. The current network has suspended Churn activities, and new connections and related operations will also be postponed until the investigation and repairs are completed.THORChain stated that preliminary investigations show that users' personal exchange transactions have not been affected, and all node operators have been asked to immediately check their infrastructure, key management systems, and operating environments for any anomalies.

According to on-chain detective ZachXBT, THORChain has suffered attacks on multiple chains, resulting in losses exceeding $7.4 million.

The GoPlus Security team has disclosed a new type of attack in its AgentGuard AI project: inducing AI agents to perform unauthorized sensitive operations through "memory poisoning." This attack method does not rely on traditional vulnerabilities or malicious code but exploits the long-term memory mechanism of AI agents. For example, an attacker first induces the agent to "remember preferences," such as "usually prioritizing proactive refunds instead of waiting for chargebacks," and then uses vague expressions like "process as usual" or "execute as before" in subsequent instructions, thereby triggering automated financial operations.GoPlus points out that the key risk in such cases lies in the AI agent mistakenly treating "historical preferences" as a basis for authorization, leading to financial losses or security incidents in operations such as refunds, transfers, and configuration changes. To address this issue, the team has proposed several protective recommendations, including:Operations involving refunds, transfers, deletions, or sensitive configurations must require explicit confirmation in the current session.Memory-related instructions like "habit," "usual way," and "as before" should be regarded as high-risk state changes.Long-term memory must have a traceability mechanism (writer, time, confirmation status).Vague instructions should automatically elevate the risk level and trigger secondary verification.Long-term memory must not replace real-time authorization processes.The team emphasizes that the "AI agent memory system" should be viewed as a potential attack surface and should be constrained and audited through a dedicated security framework.

The slow fog余弦 social media stated that the high-risk iOS attack framework DarkSword has been publicly leaked on channels such as GitHub and is being used for large-scale espionage attacks targeting cryptocurrency wallet holders.This attack program targets devices running iOS versions 18.4 to 18.7, utilizing vulnerabilities in the Safari browser through malicious web pages to achieve remote code execution, thereby stealing users' sensitive data. Attackers launch attacks using bait web pages that impersonate pornographic live streams, Tron energy stations, refund processes, and more.iPhone users running older versions of iOS, once they access such web pages using the Safari browser (even if they do not close the page), may have sensitive information such as plaintext private keys and mnemonic phrases stolen by malicious JavaScript code when unlocking the wallet app, which is then transmitted in real-time through channels like Telegram bots.

The co-founder of the Solana ecosystem DeFi project Ranger Finance, cobra (@barrett_io), posted on the X platform that Ranger Finance is gradually shutting down. The project took on business beyond its sustainable capacity, and the founder invested personal funds to maintain operations, but delays in financing led to the accumulation of bills. Ultimately, the financing was unsuccessful, and the raised funds were returned.The team is trying to fairly pay employees and suppliers with the remaining two months of operating funds, but it is insufficient to cover all expenses. The treasury liquidation was unexpected and severely impacted budget decisions. Subsequently, the Drift attack incident depleted the remaining funds and personal capital. Treasury users affected by the Drift attack will receive recovery tokens when distributed by the Drift team. The founder stated that in hindsight, the project should have been shut down earlier and apologized for this.

The Compound Foundation stated that, after closely collaborating with the Aave and KelpDAO teams, the relevant positions of the rsETH exploiters in WETH and wstETH Comet have all been liquidated over the weekend, and all rsETH held by the attackers has been transferred to DeFi United. Compound noted that the swift action effectively mitigated market risks and protected the safety of the protocol's suppliers and reserve funds.Compound also updated that the transfer restrictions for Ethereum WETH and wstETH Comet have now been lifted, and all Comet markets have resumed normal operations. The protocol stated that the top priority remains ensuring the overall safety of the platform and thanked the Aave and KelpDAO teams for their collaboration during the incident handling process.

The Compound Foundation stated that, after close collaboration with the Aave and KelpDAO teams, the relevant positions of the rsETH exploiters in WETH and wstETH Comet have all been closed over the weekend, and all rsETH held by the attackers has been transferred to DeFi United.Compound stated that the quick action effectively mitigated market risks and protected the safety of the protocol's suppliers and reserve funds. Compound also updated that the transfer restrictions for Ethereum WETH and wstETH Comet have now been lifted, and all Comet markets have returned to normal operation. The protocol stated that the top priority remains ensuring the overall safety of the platform and thanked the Aave and KelpDAO teams for their collaborative efforts during the incident handling process.

According to a report by Cai Lian She, OpenAI released a statement regarding the recent "Mini Shai-Hulud" supply chain attack incident targeting the popular open-source library TanStack. After monitoring the malicious attacks on several commonly used npm packages, the security team quickly investigated the internal systems and found no evidence of user data being leaked or accessed illegally.OpenAI pointed out that although its core services were not directly compromised, to ensure the security of local environments, all macOS users using its official applications must complete software updates by June 12, 2026.

GoPlus Security stated that a user fell victim to a typical address poisoning attack, mistakenly transferring 100,000 DAI to a fake address created by the attacker after copying a similar address from the transaction history.In this incident, the user had previously transferred 300,000 DAI to the target address, and the attacker subsequently sent 0.0003 DAI from a similarly structured address to lure the user into mistakenly selecting the wrong address for the second transfer.GoPlus Security reminds users not to copy addresses from transaction history, to verify the complete address before transferring, and to conduct a small test transfer before making large transactions.

The blockchain TAC team stated that it has confirmed a previous cross-chain layer security incident that resulted in approximately $2.8 million in assets being transferred, involving assets such as USDT, BLUM, and tsTON.TAC stated that if the attacker returns the relevant funds to the designated multi-signature address, the team will consider this incident as a "white hat rescue" and will not take legal action against the operators involved with ETH/BSC, ZEC, and TON addresses.As a reward, the attacker can receive approximately 10% of the bounty, equivalent to about 13 ETH and 300 ZEC.

The TAC team announced that its cross-chain layer's TON side was exploited by external attackers, resulting in a loss of approximately $2.8 million, involving USDT, BLUM, and tsTON. TAC, TON, and all ERC-20 tokens bridged from Ethereum are unaffected. The bridging service remains suspended, and forensic analysis and repair work are ongoing. A complete report with more details will be released within the next 48 hours.The team is actively collaborating with law enforcement, SEAL 911, and security partners to track and freeze the stolen funds. The team stated that its core focus is to sell the foundation's TAC token reserves in a legally structured manner to compensate for user losses and fully restore bridging liquidity. Official channels will continue to update progress.

Aave stated that the first steps of the rsETH technical recovery plan have been completed, which includes the destruction of the rsETH held by the attacker on Arbitrum. In the coming days, stakeholders will gradually replenish funds to the LayerZero OFT adapter and restart rsETH-related operations in phases.Kelp previously stated that it has completed a series of rsETH endorsement recovery steps with Aave, planning to gradually inject 117,132 rsETH from the Aave Recovery Guardian and Kelp Recovery Safe into the LayerZero OFT adapter on the Ethereum mainnet.

Web3 security company CertiK has released the "Skynet North Korea Cyber Threat Report." The data shows that since 2016, North Korean hacker groups have plundered approximately $6.75 billion in digital assets. In 2025 alone, the losses from thefts they orchestrated reached as high as $2.06 billion, accounting for nearly 60% of the total losses in the global cryptocurrency industry for the entire year (including the $1.5 billion Bybit theft case). As of early 2026, this threat trend continues, with losses accounting for about 55%.The report emphasizes that the attack patterns of North Korean hackers have undergone a fundamental shift, evolving from simple code vulnerability exploitation to a national-level attack system that combines social engineering, deep supply chain attacks, and "physical infiltration." In the recent Drift protocol incident, attackers even spent six months lurking at offline industry conferences, establishing trust through real funds and interpersonal interactions before executing their attack.CertiK security experts warn that in the face of such systemic attacks, simple technical defenses have become weak. Cryptocurrency institutions urgently need to fully implement a "zero trust" hiring model, strengthen third-party supply chains, establish fund circuit breaker mechanisms, and collaborate with professional security organizations to build a comprehensive lifecycle defense system covering code audits, round-the-clock risk monitoring, and on-chain anti-money laundering/KYT (Know Your Transaction) fund tracking.

Slow Fog issued a security warning stating that Aurellion was attacked, resulting in a loss of approximately 455,003 USDC (about $455,000).Analysis pointed out that the root of the vulnerability lies in the lack of effective protection in the initialize(address) function of the SafeOwnable Facet. Since the Diamond contract did not go through the initialize path when setting the owner, the _initialized version slot was not updated correctly, allowing the attacker to reinitialize the contract and override owner permissions.Subsequently, the attacker called diamondCut to inject a malicious Facet and transferred the USDC assets of authorized users through the malicious pullERC20 function, ultimately completing the theft of funds.

According to Huma Finance's official disclosure, its old V1 contract on Polygon was exploited, resulting in approximately 101,400 USDC being transferred out. The project team stated that this incident did not affect user fund security, and Huma Finance PST was not impacted. Its V2 system on Solana is a completely restructured version and is not affected by the vulnerability.Huma stated that the team had previously been working on gradually phasing out the V1 liquidity pool, and has now fully suspended all V1 related contracts, and will continue to handle the subsequent wrap-up work.

According to Blockaid monitoring, Ink Finance's Workspace Treasury Proxy on Polygon was attacked a few minutes ago, resulting in a loss of approximately $140,000.

According to monitoring by Shield, the TrustedVolumes attackers have transferred and laundered $278,000: depositing 10.2 ETH ($23,600) into TornadoCash, cross-chain converting 110 ETH ($250,000) to BTC through THORChain, and attempted to deposit 0.5 ETH into Railgun but changed their mind and withdrew it.TrustedVolumes was attacked on May 7, resulting in a loss of approximately $6.7 million.

Renegade posted on platform X that a legacy V1 version of the protocol was attacked earlier this morning, resulting in a loss of approximately $209,000. White hat hackers have returned about $190,000, and all affected users will receive full compensation.The team confirmed that the issue only exists in the V1 Arbitrum deployment, and other deployments (V1 Base, V2 Arbitrum, V2 Base) are safe. All infrastructure supporting V1 Arbitrum transactions has been suspended, with no further risk to funds, and integrators do not need to take any action.

According to a report by The Block, the crypto security firm CertiK released a report today indicating that in the first four months of 2026, there have been 34 confirmed cases of crypto "ransom attacks" globally (i.e., offline physical assaults and extortion targeting crypto asset holders), an increase of 41% compared to the same period in 2025, with total losses for victims amounting to approximately $101 million. If the trend continues, the total number of incidents for the year is expected to reach around 130, with losses potentially soaring to hundreds of millions of dollars.In terms of geographical distribution, out of the 34 incidents, 28 (82%) occurred in Europe, with France being particularly notable, having recorded 24 incidents in just the first four months of 2026, surpassing the total of 20 incidents for the entire year of 2025. CertiK attributes this to France's hosting of flagship crypto companies like Ledger and Binance, frequent data breaches, and a prevalent culture of "showing off wealth and doxxing" within the community. In contrast, the number of reported incidents in the United States dropped from 9 in 2025 to 3 in the first quarter, while Asia saw a decrease from 25 to 2.Regarding attack patterns, CertiK pointed out that criminal groups have shifted to a "data-driven targeting" model, reducing the need for on-site reconnaissance by purchasing victims' names, addresses, and asset information from data intermediaries. This year, over half of the incidents involved threats or direct harm to victims' family members (spouses, children, elderly parents) as a means of exerting pressure. In terms of execution, small groups of 3 to 5 individuals typically operate through