News linked to this event type.
According to HackQuest (@HackQuest_), the 0G APAC Hackathon has officially announced its winners. The event attracted 1,145 participants globally and received 293 final project submissions, generating over 1.04 million social media impressions. Winners are as follows: First Place: Ghast AI (@Ghast_AI) — A crypto-native AI agent client built on 0G, supporting decentralized inference, user-controlled long-term memory, censorship-resistant access, and portable agent IDs. Second Place: NeoSoul (@NeoSoulAI) — A trust layer designed specifically for the emerging agent economy, providing infrastructure such as verifiable agent permissions, accountability mechanisms, and recovery systems. Third Place: Anima (@anima_0g) — A CLI-native agent framework where agent identity, memory, inference, wallet, and economic activities all run atop 0G’s decentralized infrastructure, enabling cross-device, independent, and persistent operation. Excellence Awards: - @Alsphere0G — Collective intelligence memory layer for AI agents - @Hash_PayLink — Payment-gated AI infrastructure for the agent economy - @railbeam_ai — Payment rails and financial operations workspace for humans and agents - @stealth_pay — Privacy-preserving payment-related project
A cryptography expert advisory committee led by Coinbase released a report stating that Bitcoin should immediately begin preparing for potential quantum computing attacks. However, the committee did not take a clear stance on whether to freeze the millions of bitcoins potentially vulnerable to quantum-computing theft in the future. The committee includes several leading experts, such as Justin Drake, a researcher at the Ethereum Foundation. They argue that the current debate is not about *how* to introduce quantum-resistant signature schemes, but rather *how to handle* bitcoins held in long-dormant addresses that fail to migrate. One camp advocates setting a final deadline after which Bitcoin’s existing ECDSA and Schnorr signature schemes would no longer be supported, and unmigrated funds would be frozen—thereby preventing future quantum attackers from seizing large amounts of BTC and destabilizing markets. The other camp contends that freezing funds would effectively amount to asset confiscation, violating Bitcoin’s core principles of immutability and full user control over assets—and could set a precedent for future regulatory-driven freezes. The Coinbase advisory committee notes that these approaches are not mutually exclusive and could be combined. Yet it declines to state a position on whether “legacy BTC” should be frozen, asserting that the ultimate decision rests with Bitcoin’s community governance. It emphasizes two key points: first, technical development of quantum-resistant signature migration must begin immediately—not wait for governance debates to conclude; second, users must receive clear, timely risk communication to prevent prolonged uncertainty from harming the Bitcoin ecosystem.
Zcash founder Zooko posted on X, stating that at the request of Shielded Labs, Anthropic and Mythos conducted a security audit of Zcash, and no further critical vulnerabilities were found in the Zcash protocol. Shielded Labs and other parties are continuing to carry out security reinforcement efforts.
According to a post by Zcash co-founder Zooko (@zooko), Anthropic, in collaboration with Mythos, conducted a security audit of the Zcash protocol at the request of Shielded Labs. The audit found no critical vulnerabilities. Shielded Labs and related teams are continuing their efforts to strengthen security, and further updates will be announced separately.
law enforcement agencies from 11 countries have jointly shut down the money laundering network AudiA6, which processed over 336 million euros in illicit funds between 2022 and 2025. On June 10, law enforcement arrested two administrators of Russian and Ukrainian nationality in Georgia, seized 25 domain names, over 30 servers, and 80 vehicles, and froze approximately 778,000 euros in cryptocurrency. Operating as a "mixer-as-a-service," AudiA6 provided services to cybercriminals involved in ransomware attacks, helping them cash out crypto assets and conceal the flow of funds, charging commissions of 3% to 10% and claiming to complete the "cleaning" process within about an hour.Since 2021, the AudiA6 wallet has received approximately 10,333 BTC, valued at around $389 million at the time of the transactions. The investigation also revealed that the money laundering network used thousands of fake accounts created with stolen or purchased identities, involving over 6,000 KYC records; many of these accounts were linked to Russian-speaking intermediaries and were used to transfer criminal proceeds through cryptocurrency exchanges. The clearnet and darknet domains of AudiA6 and Dark2Web have been replaced with seizure banners. (Cointelegraph)
The Bitcoin Core Project released a security advisory confirming a privacy vulnerability in the -privatebroadcast feature introduced in version 31.0.
U.S. House bipartisan lawmakers introduced a bill on Thursday to establish a cross-agency federal cryptocurrency theft task force under the leadership of the Attorney General, aimed at coordinating and leading investigations into cryptocurrency theft, fraud, and hacker attacks.The bill is jointly sponsored by Republican Representative Lance Gooden of the House Judiciary Committee and Democratic Representative Josh Gottheimer of the House Financial Services Committee. The task force will include multiple federal agencies such as the Department of Justice, the Federal Bureau of Investigation, the Department of Homeland Security, and the Department of the Treasury, aiming to address the $11 billion theft and fraud issues caused last year and provide victims with a unified federal response mechanism. (coindesk)
: U.S. Treasury Secretary Bessent stated on the X platform that the Iranian regime will lose the zero-sum game it is currently engaged in. Any damage it causes to Gulf allies will be compensated with funds withdrawn from Iranian accounts; any toll fees paid to the Strait of Persia Authority will be offset with funds withdrawn from its accounts; every attack launched by Iran will only deepen the economic, social, and financial consequences it faces.
Odaily, Mitchell Amador, CEO of bug bounty platform Immunefi, stated at the WAIB Summit that new AI models such as Claude Opus 4.8 and ChatGPT 5.5 are shifting the balance of cybersecurity offense and defense in favor of attackers, leading to a resurgence in crypto hacks in 2026. Data from DefiLlama shows that in April 2026, illicit actors stole over $634 million from crypto platforms, the highest monthly total since the Bybit hack in February 2025 drove losses of approximately $1.4 billion.Amador stated that the crypto industry is in a critical survival period for the next three to four years until security teams leverage similar AI models to build codebases that attackers cannot breach; if the industry adopts more crowd-sourced security solutions, this timeline could be shortened to within two years. The latest Claude Mythos model, Fable 5, from AI company Anthropic, previously raised concerns about accelerating the ability to exploit crypto vulnerabilities.Anthropic stated that Fable 5 has safeguards in place that will redirect topics related to cybersecurity and similar fields to Claude Opus 4.8. On April 19, an attacker transferred approximately 116,500 restaked Ethereum (rsETH) from Kelp DAO's LayerZero-based rsETH bridge, valued at around $290 million to $293 million at the time. Cross-chain protocol LayerZero stated that the 1/1 decentralized verification network configuration of Kelp DAO relied on a single verification path for processing cross-chain messages, creating a single point of failure. (Cointelegraph)
Agora, an automated testing framework jointly developed by 0G Labs and research teams from the National University of Singapore, Peking University, and Beijing University of Posts and Telecommunications, has been accepted to ICML 2026. Agora is the first framework to deeply integrate domain-specific knowledge from distributed systems with a multi-agent collaborative architecture for automated vulnerability detection in production-grade consensus protocols. According to the paper, Agora has uncovered 15 previously unknown deep logic bugs (“Deep Bugs”) across mainstream consensus protocols—including Raft, EPaxos, HotStuff, and BullShark—spanning critical security issues such as execution divergence, monotonicity violations, topology flaws, and signature verification failures. Experimental results show that leading large language models—including GPT-5.2 and Claude 4.5—failed to detect any protocol-level vulnerabilities under identical test scenarios. Agora employs hypothesis-driven testing and a multi-agent collaboration mechanism, enabling deep security analysis of complex distributed systems through automated attack-scenario generation, test execution, and dynamic refinement. Beyond consensus protocols, the framework is designed for future extension to domains including database concurrency control, operating system kernels, and Web3 smart contract auditing.
Anthropic CEO Dario Amodei has stated that if new AI models pose specific risks, governments should have the authority to prevent their deployment. In a lengthy post on Wednesday, Amodei argued that AI models should undergo mandatory third-party testing to assess potential risks across multiple domains. He wrote that if an AI is deemed to pose "unacceptable risks," then "governments should have the power to block or constrain its deployment." This is one of Amodei's strongest statements to date advocating for stricter AI regulation. "I believe that, at least during this current exponential growth phase, the most appropriate analogy is cars, airplanes, or pharmaceuticals—technologies that are essential to the modern economy but can also lead to significant loss of life if poorly designed or misused," Amodei wrote. Anthropic has previously warned that its AI model, Mythos, possesses the ability to discover and exploit critical software vulnerabilities, leading the company to restrict access to a small number of partners. This week, Anthropic also released a new version that removes related cybersecurity attack capabilities. (Jinshi)
blockchain security analyst Specter posted on X platform, stating that an old liquidity pool of the Solana DeFi protocol Raydium is suspected of being attacked, with the attacker stealing approximately $1.34 million in assets, mainly including USDC, RAY, and wSOL. Currently, the hacker has transferred the stolen funds to Ethereum via a bridge and subsequently deposited them into Tornado Cash for mixing.
According to on-chain security platform Blockaid (@blockaid_), the MILC Platform cross-chain bridge suffered a private key leak on both the BNB Chain and Ethereum networks. The attacker exploited a historical bridge administrator wallet to grant the DEFAULT_ADMIN_ROLE and MANAGER_ROLE permissions to the attacker’s address. Subsequently, assets were withdrawn from the bridge contract, and administrative control was transferred to the attacker’s wallet. Confirmed losses currently stand at approximately $97,003 USDT (on BNB Chain) and approximately 39.21 ETH (on Ethereum, transferred out via Rhino.fi), totaling roughly $161,000.
Humanity stated that it has shared the attacker’s address tracking page with all centralized exchanges, decentralized exchanges, and aggregators, and will continue updating it. Humanity has also announced a $1 million USDT bounty for information that aids in recovering the stolen funds; all recovered funds will be used to repurchase $H.
Humanity released a post-mortem report on the H token security incident that occurred between June 8 and 9, stating that the incident was not caused by a smart contract vulnerability, but rather by a malware intrusion into a developer's device, which led to the leakage of private keys. Humanity stated that the attacker still holds the ProxyAdmin permissions for the ETH bridge and the BNB Chain token. Preliminary investigations confirmed that a colleague's device was infected with malware, which the attacker used to obtain the hot wallet private key of the administrator and the private keys for signing on 6 Gnosis Safe wallets. The team has hired an external security agency to conduct a forensic investigation and stated that they are formulating a recovery plan for affected users.
According to The Information, sources say Anthropic may release its new model Claude Fable today. Described as a secure version of Mythos, Claude Fable retains some advanced capabilities while adding safety restrictions for high-risk scenarios such as cyberattacks. Anthropic previewed Mythos in April this year, stating that it can discover numerous previously unknown cybersecurity vulnerabilities—but did not directly release it due to potential safety risks. As of now, Anthropic has not officially announced detailed information about Claude Fable.
According to BlockSec Phalcon (@Phalcon_xyz), the $TOP token suffered a governance attack, resulting in losses of approximately $1.59 million. The attacker exploited the token’s low market capitalization to acquire over 50% of voting power at minimal cost. Subsequently, they passed a malicious governance proposal to mint a large quantity of $TOP tokens for themselves, then swapped these tokens for WETH via the Balancer liquidity pool—depleting the pool’s liquidity. BlockSec Phalcon advises projects using governance mechanisms similar to those of Lido or Aragon to promptly review governance security measures, including voting power distribution, quorum and approval thresholds, and minting permissions.
According to monitoring by crypto analyst 余烬@EmberCN, the Humanity attacker minted an additional 1 billion H tokens 20 minutes ago.余烬 stated that previously, the attacker had minted H tokens in batches of 100 million, but this time directly minted 1 billion. However, as market liquidity continues to dry up, the attacker's ability to cash out has significantly decreased. Currently, selling 10 million H tokens at once can only be exchanged for approximately 6 BNB, worth about $3,600. The price of H has now dropped to approximately $0.0003.
Humanity released an incident update stating that its H token was subject to a coordinated attack on Ethereum and BSC on the evening of June 8, resulting in approximately $36 million worth of tokens stolen and dumped across both chains. The project disclosed that the attack originated from a compromised employee laptop, which led to the leakage of multiple owner keys for the Gnosis Safe controlling the Hyperlane bridge ProxyAdmin. On Ethereum, the attacker seized ownership of the ProxyAdmin and upgraded the contract to a malicious implementation, transferring approximately 141.2 million H tokens in a single transaction. On BSC, after similarly gaining control of the ProxyAdmin, the attacker deployed a malicious implementation with infinite minting capabilities, minting 200 million H tokens in two transactions and continuously dumping them. Humanity has suspended deposits and withdrawals on the affected cross-chain bridge and is cooperating with exchanges and law enforcement to investigate the incident and seek partial recovery of the stolen funds.
Humility Protocol released a security incident update on the X platform, stating that its H token suffered a coordinated attack on the Ethereum and BSC chains yesterday, with confirmed losses exceeding $36 million in stolen and dumped assets.Preliminary investigations indicate the incident originated from a compromised employee computer, which led to the leakage of private keys for the multi-signature wallet controlling the Hyperlane Bridge ProxyAdmin. Specifically, the attacker obtained 3 out of 6 private keys of the Gnosis Safe wallet on the Ethereum chain, transferred ownership of the ProxyAdmin to a wallet under their control, upgraded the bridge contract to a malicious implementation, and subsequently transferred approximately 141.2 million H tokens in a single transaction.Simultaneously, the attacker also gained control of 3 out of 5 private keys of the Safe wallet on the BSC chain, took over the ProxyAdmin using the same method, deployed a malicious contract with unlimited minting functionality, and minted 200 million H tokens in two separate transactions to their own wallet.Humility stated that it has suspended all deposit and withdrawal operations on the affected bridge services and is collaborating with partners such as exchanges to mitigate losses. Meanwhile, it is cooperating with the police investigation and attempting to recover part of the stolen funds.