security

The GoPlus Security team has disclosed a new type of attack in its AgentGuard AI project: inducing AI agents to perform unauthorized sensitive operations through "memory poisoning." This attack method does not rely on traditional vulnerabilities or malicious code but exploits the long-term memory mechanism of AI agents. For example, an attacker first induces the agent to "remember preferences," such as "usually prioritizing proactive refunds instead of waiting for chargebacks," and then uses vague expressions like "process as usual" or "execute as before" in subsequent instructions, thereby triggering automated financial operations.GoPlus points out that the key risk in such cases lies in the AI agent mistakenly treating "historical preferences" as a basis for authorization, leading to financial losses or security incidents in operations such as refunds, transfers, and configuration changes. To address this issue, the team has proposed several protective recommendations, including:Operations involving refunds, transfers, deletions, or sensitive configurations must require explicit confirmation in the current session.Memory-related instructions like "habit," "usual way," and "as before" should be regarded as high-risk state changes.Long-term memory must have a traceability mechanism (writer, time, confirmation status).Vague instructions should automatically elevate the risk level and trigger secondary verification.Long-term memory must not replace real-time authorization processes.The team emphasizes that the "AI agent memory system" should be viewed as a potential attack surface and should be constrained and audited through a dedicated security framework.

GoPlus Security stated that a user fell victim to a typical address poisoning attack, mistakenly transferring 100,000 DAI to a fake address created by the attacker after copying a similar address from the transaction history.In this incident, the user had previously transferred 300,000 DAI to the target address, and the attacker subsequently sent 0.0003 DAI from a similarly structured address to lure the user into mistakenly selecting the wrong address for the second transfer.GoPlus Security reminds users not to copy addresses from transaction history, to verify the complete address before transferring, and to conduct a small test transfer before making large transactions.

The working group led by the Ethereum Foundation has released a new open standard called "Clear Signing," aimed at addressing the long-standing issue of "blind signing." This new standard is built on the ERC-7730 specification and aims to promote the "WYSIWYS (What You See Is What You Sign)" concept, allowing users to understand the actual execution content of transactions in a unified, readable, and structured manner before signing. This replaces the current common practice of displaying machine-readable but difficult-to-understand low-level transaction information. By using a unified description format, a registry system, and independent verification and auditing mechanisms, the intent of transactions can be clearly expressed and standardized for presentation on wallets.Clear Signing will not change the on-chain transaction structure but will enhance interpretability through off-chain standardized descriptions, thereby improving security without affecting the compatibility of existing protocols.

Sky Ecosystem posted on platform X that the USDS OFT cross-chain bridging on the Solana network has resumed operation, which was temporarily paused due to a security review related to the rsETH vulnerability.Sky stated that throughout the review period, both the Sky Protocol and the USDS contract were unaffected, and USDS has always maintained full collateral as designed by the protocol, which can be verified on-chain at any time. This pause was a precautionary measure.With the completion of the security review, the USDS cross-chain bridging on the Solana chain has reopened, while the bridging to Avalanche will resume after further review is completed.

Binance released its latest security report, addressing the current industry situation of rapidly spreading AI scams. The platform has deployed over 24 AI security programs and equipped more than 100 AI models to build an intelligent defense system against various types of cryptocurrency fraud.Statistics show that from early 2025 to the first quarter of 2026, Binance has protected over 5.4 million users and intercepted potential fund losses of $10.53 billion. In Q1 2026, the platform successfully intercepted 22.9 million scam and phishing attacks, protecting user funds amounting to $1.98 billion, with an average of over 9,600 real-time risk alerts pushed daily, and a total of 36,000 malicious on-chain addresses blacklisted.The report pointed out that deepfakes, voice cloning, and phishing bots have become mainstream scam tactics, with the overall scale of cryptocurrency fraud reaching $17 billion in 2025, a year-on-year increase of 30%. In terms of risk control, Binance's AI system handles 57% of fraud detection work, reducing the credit card fraud rate to 60%-70% of the industry average; it has upgraded AI anti-counterfeiting KYC reviews, with review efficiency improved by up to 100 times.The AI trading tool Binance Ai Pro uses an isolated account structure, only allowing trading permissions and prohibiting withdrawals, with the platform intercepting 12% of high-risk third-party AI plugins. Additionally, in 2025, Binance assisted in recovering $12.8 million in scammed funds, handled 48,000 cases, and collaborated with law enforcement to freeze $131 million in illegal assets.

The Financial Security Institute of South Korea announced that it will promote three key tasks around digital asset services, including the development of smart contract verification tools, the establishment of a smart contract verification system, and the cultivation of professional talent in digital assets.It will develop dedicated security verification tools that can automatically detect major vulnerabilities such as reentrancy attacks, access control errors, and collateral verification omissions, targeting scenarios like token securities and stablecoins, and continuously update detection rules in conjunction with the South Korean financial regulatory environment. Meanwhile, the agency will also release the "Smart Contract Security Guidelines," covering the entire process of development, deployment, and operation, and enhance the digital asset security capabilities of financial institutions through seminars, collaborative networks, and other means.

The People's Court of Gulou District, Fuzhou City recently concluded a dispute arising from investment in virtual currency. Chen transferred 480,000 yuan to Liu for foreign exchange wealth management, and Liu converted the funds into USDT and invested on an overseas platform. After the platform closed, Chen filed a lawsuit in court seeking a refund.The court reviewed the case and found that the transaction model formed a closed loop of receiving RMB, exchanging for USDT, cross-border transfer, and buying and selling foreign exchange, which constitutes a disguised foreign exchange transaction and is suspected of economic crime. The court ruled to dismiss Chen's lawsuit and transferred the relevant materials to the public security authorities for handling, with the Fuzhou Intermediate Court upholding the original ruling. The court reminded that investing in virtual currency violates relevant civil laws of public order and good morals, and any losses arising from this shall be borne by the investor.

Syndicate stated on platform X that regarding the latest developments of the Syndicate bridge security incident, all affected SYND holders on the Commons Chain have received full compensation, along with an additional 15% of the total losses as compensation.The relevant amounts have been directly sent to the affected users' Base chain wallets, with the Gas fees covered by Syndicate Labs. The total compensation amounts to 12.901 million SYND, and no action is required through any claim page.

According to market news, Microsoft's security research team has discovered that attackers have been inducing users to run malicious terminal commands by publishing fake macOS troubleshooting guides since the end of 2025, thereby stealing cryptocurrency wallets, iCloud data, and passwords saved in browsers.These fake guides are published on platforms such as Medium, Craft, and Squarespace, targeting common user issues like freeing up disk space or fixing system errors, and tricking users into copying and pasting malicious commands into the terminal, which automatically downloads and runs malware. This social engineering technique, named ClickFix, bypasses macOS's Gatekeeper security mechanism because the victims are actively executing the commands.The malware families involved include AMOS, Macsync, and SHub Stealer, which can steal cryptocurrency wallet keys from Exodus, Ledger, and Trezor, as well as usernames and passwords saved in Chrome and Firefox. In some cases, attackers also delete legitimate wallet applications and replace them with trojan versions. Apple has added a protective feature in macOS version 26.4 to prevent the pasting of potentially malicious commands.

After the Kelp security incident, Tether's asset interoperability protocol USDT0 announced details of its protocol security architecture, stating that the current system uses a proprietary DVN (Decentralized Verification Network) and has message veto power, while requiring 3 independent validators to reach a 3/3 consensus based on different codebases before cross-chain messages can be settled.The current validating nodes include USDT0's proprietary DVN, LayerZero, and Canary, with plans to expand to 4/4 and 5/5 verification mechanisms in the future. USDT0 also stated that all multi-signature transactions must undergo multiple reviews by internal teams, external security teams, and auditing institutions before submission for signing. Relevant contracts have been audited by organizations such as Guardian and OpenZeppelin and have launched a $6 million bug bounty program on Immunefi.

Wasabi Protocol released a security incident update, stating that attackers exploited a configuration vulnerability in the Spring Boot Actuator within its AWS infrastructure to steal the private keys controlling EVM smart contracts, resulting in the theft of approximately $4.8 million in user funds and $900,000 in protocol treasury funds, with total losses amounting to about $5.7 million.The attack chain began with a public server used for analysis, whose Actuator heap dump was not properly password protected, allowing attackers to obtain credentials for another server and ultimately gain control of the smart contract private keys. This incident only affected EVM deployments, including certain treasuries on Ethereum, Base, Blast, and Berachain, while Solana deployments and Prop AMM were not affected.There has not yet been a final update on the user compensation plan, but "ensuring all affected users are compensated" remains the team's top priority, and updates on the investigation progress will be released in the Discord community in the future.

LayerZero Labs posted on the X platform that the internal RPC used by LayerZero Labs was attacked by the Lazarus Group in the past three weeks, resulting in the compromise of the true source of its DVN (Decentralized Verification Network), while external RPC providers faced DDOS attacks. This incident affected 0.14% of applications and approximately 0.36% of asset value.LayerZero Labs stated that asset security is currently intact, and since April 19, over $9 billion in funds have been completed across chains through the protocol. In response to security risks, LayerZero Labs has stopped providing services for its DVN in a 1/1 configuration, and all default configurations for channels will be migrated to at least a 3/3 or 5/5 multi-DVN mode.Additionally, in response to an incident three years ago where multi-signature holders mistakenly used hardware wallets for personal transactions, LayerZero Labs has removed that signer and changed wallets, while also developing a OneSig custom multi-signature system. LayerZero Labs recommends that developers lock configurations to avoid relying on default settings and plans to launch an asset management platform Console to enhance security monitoring.

Lido released the latest updates on the Kelp security incident, stating that the Snapshot vote regarding the EarnETH first loss protection mechanism being below the 1% threshold has reached the quorum and been approved. The losses for EarnETH users will be fully covered by the Lido Earn first loss mechanism.The rsETH held by the attacker has been liquidated, and the related stETH has been transferred to the DeFi United rescue plan. In addition, the EarnETH treasury is expected to reopen shortly after the Kelp protocol resumes operations, at which point users will be able to conduct normal deposit and withdrawal operations. Lido emphasized that during the freeze period, the EarnETH and EarnUSD treasuries continue to generate returns. Currently, EarnETH users only need to wait for the brief unfreezing process to complete, and once the funds are restored, they will be compensated according to the first loss protection mechanism.

1inch posted on platform X, stating that it has noted reports involving TrustedVolumes and confirmed that 1inch and all its protocols are not involved in the incident. The 1inch system, infrastructure, and user funds have not been affected.TrustedVolumes operates independently as a liquidity provider and is used by multiple protocols in the industry, not exclusive to 1inch. 1inch will continue to monitor the situation and actively assist relevant security parties when appropriate.

The Bitcoin TAP protocol ecological project BIT (@dmt_bit_) has released a new roadmap, announcing a focus on the narrative of "Bitcoin Security Budget Layer," with tokens being directly issued to Bitcoin miners every block as a new source of miner subsidies.The BIT team disclosed that currently only the $NAT token enjoys the miner subsidy mechanism under the TAP protocol, and this mechanism is hardcoded in the protocol's source code (effective only for the dmt-nat token), making it unavailable for other DMT projects. The TAP protocol has also not publicly disclosed any third-party security audits to date.BIT has submitted a code upgrade proposal to TAP, hoping to open this mechanism for use by all DMT tokens, but it was rejected by the TAP officials.According to the roadmap, BIT will next develop a new protocol based on a TAP fork—any DMT token deployment party can customize the token issuance rules and miner distribution methods (including distribution by mining pool weight, independent miner prize accumulation, mixed distribution, etc.) through a single inscription, eliminating any hardcoded privileges for projects. A third-party security audit will be completed before the mainnet launch of the new protocol. $BIT will serve as the native token of the new protocol, and the ecological development of the protocol will continue to empower $BIT.

AMM infrastructure Ekubo posted on platform X that a security incident occurred with the Swap routing contract on the EVM chain, but liquidity providers were not affected, and Starknet was not affected. The team is investigating the scope of the incident and recommends that users immediately revoke all authorizations for the affected addresses.The affected addresses include the V2 and V3 contract addresses on Ethereum, as well as the V3 contract address on Arbitrum. The team is preparing a post-incident analysis report and reminds users to be cautious of links claiming to be related to the Ekubo Protocol or the vulnerability.

According to CoinDesk, Angus Fletcher, head of digital assets at State Street Bank, stated at the Consensus Miami conference that in light of the recent surge in DeFi attack incidents, institutional investors are looking for improvements in blockchain security. He pointed out that the young crypto industry needs to find solutions now before trillions of dollars in real-world assets are put on-chain.Fletcher believes that the interoperability between blockchains needs to be clearly defined and understood, and institutional clients need to understand the legal ownership and rights of cross-chain tokens. Dennis Bree, head of Morpho, stated that April could be the month with the most hacker attacks in DeFi history, and regulators are conducting more due diligence on the security of collateralized assets.

According to the Wall Street Journal, algorithm development company MicroAlgo Inc. announced the launch of a blockchain architecture based on quantum technology, which enhances transaction security and transparency by integrating quantum secure channels (QSC) and quantum key distribution (QKD).The architecture features a four-layer design, including a quantum communication layer, a blockchain core layer, a smart contract layer, and an application layer. Among these, QKD is used to achieve high-security key generation and distribution, while quantum encryption protects transaction data from theft and tampering, and also possesses resistance to quantum computing attacks.Additionally, the system strengthens long-term security through periodic key rotation and a quantum signature mechanism, and combines distributed ledger technology with a consensus mechanism to ensure data immutability and transaction verifiability, achieving a balance between security and transparency. However, the company also pointed out that there are still challenges regarding the maturity and commercialization of quantum technology, and large-scale implementation will take time.