News linked to this event type.
South Korea’s top five cryptocurrency exchanges experienced a total of 57 hacking incidents and system failures between 2020 and April 2026, resulting in cumulative compensation of approximately 7 billion KRW (about USD 5.1 million).
Odaily Seer Prophet Channel monitoring shows that the probability of "Zcash will hit $100 in 2026" on Polymarket has risen to 53%, a 24-hour increase of 36%.Market rules: If between 17:35 on November 24, 2025, and 23:59 on December 31, 2026 (Eastern Time), the lowest price (Low) of any 1-minute candlestick of the Binance ZEC/USDT trading pair reaches or falls below the price stated in the title, this market will immediately settle as "Yes"; otherwise, it will settle as "No." Settlement is based solely on the 1-minute candlestick data of the Binance ZEC/USDT trading pair; prices from other exchanges or trading pairs will not be considered.In previous news, the privacy coin Zcash disclosed and fixed a critical security vulnerability that could have been exploited by malicious miners to transfer over 25,000 ZEC (approximately $6.5 million) from the deprecated Sprout privacy pool. Officials stated that the vulnerability had existed since July 2020 but was not actually exploited, and user funds remained safe at all times. The development team has released version v6.12.0 to complete the fix, and major mining pools have already upgraded their deployments.Odaily Seer Prophet Channel continues to monitor prediction markets, seeing changes before pricing.
according to Lookonchain monitoring, 6 hours ago, the Pando Rings hacker (0x303...3d9F) spent 10 million DAI to buy 6,243 ETH at an average price of $1,602.
Haseeb, Managing Partner at Dragonfly, has addressed the recently patched Zcash vulnerability, stating that there are many misconceptions in the market regarding the incident. He pointed out that even if the vulnerability had been exploited before the fix, an attacker could only profit by forging ZEC within the shielded pool. For these tokens to enter mainstream trading platforms, they would first need to be converted from shielded addresses to transparent addresses. Since the supply of ZEC in transparent addresses is publicly verifiable, any abnormal transfers exceeding the maximum supply would be detected and blocked. Therefore, the vast majority of investors and exchange users holding transparent ZEC would not be affected.Haseeb stated that the Zcash team plans to introduce a new “Turnstile” mechanism and a new shielded pool in future upgrades to verify that the current shielded pool does not suffer from inflation issues. He also noted that formally verified cryptographic systems can reduce implementation errors at the design level. Finally, Haseeb disclosed that Dragonfly still holds ZEC, and he is personally an investor in ZODL.
SlowMist issued a security alert stating that the DTXT/USDT trading pair on BSC was attacked due to spoofable liquidity-addition detection logic, resulting in the attacker profiting approximately $35,041.106 USDT.
According to the THORChain blog, ZEC is in the queue for launch on THORChain. However, due to a recent vulnerability disclosed in Zcash—whose existing patch impacts integrators’ normal operations—THORChain must first complete a minor code modification to its Bifrost module before proceeding. The development team stated that the change is minimal but must be completed prior to ZEC’s launch. Monero (XMR) is currently expected to launch by the end of this month, with ZEC scheduled to follow.
According to Hyperinsight’s monitoring, Zcash faces a theoretical risk of unlimited token supply due to a vulnerability in its Orchard zero-knowledge proof system. Negative public sentiment surrounding its “black-box” nature has continued to escalate and culminated in today’s concentrated outbreak.
Odaily, Cypherpunk, the company managing the ZEC treasury, stated that all software has vulnerabilities. Historically, Bitcoin once "over-minted" 184 billion BTC due to a bug. However, this does not mean abandoning blockchain technology; rather, security should be enhanced through formal verification and provable correctness.Cypherpunk emphasized that with the development of AI technology, vulnerability detection will become faster and broader, but the key lies in who can discover issues before malicious actors. Zcash will demonstrate this capability through an upcoming update.
Cypherpunk, the ZEC treasury company, responded on X to the market volatility of the ZEC token, stating that all software contains vulnerabilities and citing the historical Bitcoin incident in which a bug led to the accidental minting of 184 billion BTC. However, this does not mean blockchain technology should be abandoned; instead, security should be enhanced through formal verification and provable correctness.
According to on-chain security firm CertiK (@CertiKAlert), the Gravity Bridge attacker recently deposited another 1,180 ETH (approximately $2.06 million) into Tornado Cash. Earlier, on May 30, the attacker exploited the permissionless deployERC20() function by forging the Osmosis token string, tampering with the token registry, and mapping fake balances to real custodial assets—thereby stealing approximately 2,600 ETH (around $5.4 million) from Gravity Bridge. To date, 2,020 ETH of the stolen funds have been transferred to Tornado Cash via two externally owned accounts (EOAs); the remainder has been dispersed across centralized exchanges, making fund recovery significantly challenging.
Odaily Seer Channel monitoring shows that a new address on Polymarket bought $7,500 on Hunter Biden becoming the 2028 Democratic presidential candidate, with an average purchase price of 0.7¢.Possibly influenced by this, multiple wallets followed suit with purchases, driving the probability from 0.7% up to the current 2.9%.It is reported that Hunter Biden is the second son of Joe Biden, the 46th President of the United States, and his only surviving son. Related controversies have persisted throughout Biden's entire presidency, becoming a core weapon for Republicans to attack the Biden administration over "corruption" and "cronyism."Odaily Seer Channel continuously monitors prediction markets, seeing changes before prices are set.
according to Onchain Lens monitoring, due to the Orchard Pool vulnerability, ZEC fell below $400. The 3x leveraged ZEC short position of “1011 insider whale” Garrett Jin has a floating profit of over $13.5 million, while his 5x leveraged BTC long position has a floating loss of over $17 million.
Arthur Hayes (@CryptoHayes), co-founder of BitMEX and CIO of Maelstrom Fund, stated in a post that he has liquidated his entire $ZEC position following a vulnerability exploit targeting ZEC’s Orchard Pool. Hayes noted that although malicious minting is highly unlikely, it cannot be cryptographically proven impossible; privacy narratives demand “perfection,” not merely “probable security.” He added that if the underlying assumptions are later falsified, he does not rule out repurchasing $ZEC at a lower price. His team continues to hold a $WLD position and maintains a bullish stance.
on May 29, 2026, Taylor Hornby discovered a critical counterfeiting vulnerability in Zcash's Orchard pool. Taylor Hornby reported the vulnerability to the Zcash Open Development Lab, and after coordinated efforts, a fix was completed on June 2. The vulnerability could have been exploited to secretly create an unlimited number of counterfeit ZEC within Zcash Orchard. Due to the privacy features of Orchard, it is cryptographically impossible to determine whether the vulnerability was exploited before the fix was deployed.The vulnerability had existed since Orchard's activation in May 2022 until an emergency fix was deployed on June 1, 2026. Taylor Hornby, with the assistance of AI tools, wrote a complete exploit program and generated an infinite, undetectable amount of counterfeit ZEC in a local test environment. Shielded Labs is currently collaborating with other Zcash developers to explore network upgrade proposals that would allow anyone to verify the integrity of Zcash's supply.
Web3 security company Immunefi's latest "2026 Ecosystem Vulnerability Audit Report" shows that losses from DeFi protocol hacks have fallen 74% from a peak of $2.62 billion in 2022 to approximately $680.3 million in 2025.The report notes that the median loss per individual attack has also significantly decreased, from $6 million in 2022 to $1.5 million in 2025, reflecting an overall improvement in security standards. Meanwhile, the share of bridge exploits in total DeFi losses has dropped sharply from 73% in 2022 to 3% in 2025, and the proportion of flash loan attacks has fallen from 54% to less than 1%.The proportion of risks at the infrastructure level (such as private key leaks and database attacks) also decreased from 30.7% in 2022 to 10.3% in 2025. Immunefi stated that this reflects continuous optimization in oracle design, reentrancy attack protection, and access control standards, making the DeFi ecosystem "generally becoming safer."However, the report also notes that losses slightly rebounded to $680.3 million in 2025, primarily due to increased complexity in multi-chain systems and a few high-severity incidents. At the same time, the number of independent security incidents continues to rise, indicating the attack surface is still expanding. (The Block)
Anthropic 报告显示,过去一年 67% 因违规被封的账户使用 AI 准备网络攻击,包括编写恶意软件等,反映 AI 被用于网络犯罪的趋势加剧。
: SlowMist posted on X platform, stating that its threat intelligence system has detected a new Rust supply chain malware activity named IronWorm. This malware actively attacks developer environments and the Web3/crypto ecosystem through malicious npm packages. Potential attack behaviors include credential theft, wallet seed phrase and password theft, GitHub repository tampering, malicious package publishing, CI/CD key theft, Tor-based command and control, and covert persistence via eBPF rootkits.SlowMist recommends that security teams audit repositories for backdated commits, suspicious branches, abnormal build hooks, and commits attributed to automated identities such as claude, dependabot, renovate, or github-actions; remove or deprecate affected package versions, publish clean versions, rotate all exposed keys and tokens, review GitHub Actions build artifacts, and rebuild potentially compromised developer or CI systems from clean images. This threat was discovered and analyzed by JFrogSecurity.
According to Drift’s official announcement, the Drift Protocol released its latest recovery update on June 3, 2026. An independent forensic investigation conducted by cybersecurity firm Mandiant has confirmed that the prior attack against Drift was carried out by the North Korean threat group UNC6862, whose tactics closely align with those historically employed by North Korean state-sponsored hacking operations. On the rebuilding front, Drift announced the appointment of Noah Prince—former Engineering Lead of the Helium Protocol—as Protocol Lead, who will spearhead codebase hardening and platform security architecture redesign. Additionally, former members of the Gauntlet team have been brought on board to conduct margin engine reviews, optimize funding rates and market parameters, enhance liquidation mechanisms, and implement continuous risk monitoring. Drift plans to relaunch with “security-first” as its core principle, repositioning itself as Solana’s largest USDT-perpetuals exchange. With support from strategic partners including Tether, Drift will establish a dedicated recovery pool funded by platform revenues to compensate users for losses. Further details regarding the recovery mechanism and timeline will be disclosed progressively.
According to Cryptopolitan, Adam Iza—a 25-year-old cryptocurrency entrepreneur from California, nicknamed “The Godfather”—formally pleaded guilty on June 1 to orchestrating the kidnapping of a couple from Connecticut. The incident stemmed from the couple’s son, Veer Chetal, who allegedly stole 4,100 bitcoins (valued at approximately $245 million) via social engineering. In response, Iza planned to kidnap Chetal’s parents to recover the stolen funds. On August 25, 2024, the criminal group staged a rear-end collision near Danbury High School, forcibly abducted the victims, and assaulted them. However, the operation quickly unraveled after multiple witnesses called the police and nearby FBI agents intervened; all six participants were apprehended and have since pleaded guilty. Additionally, in a separate case in California, Iza also pleaded guilty to charges including wire fraud, tax evasion, and directing law enforcement officers to conduct illegal surveillance for extortion purposes. California prosecutors are separately seeking a 35-year prison sentence.
Adam Iza, a California cryptocurrency executive, admitted on Monday to orchestrating an attempted kidnapping of Veer Chetal's parents. The case is related to the $245 million Bitcoin theft that Veer Chetal was previously involved in.Adam Iza, 25, also known as Ahmed Faiq, who ran the crypto trading company Zort and called himself the "Godfather," along with Veer Chetal and two others, impersonated technical support staff from Google and crypto exchanges to steal 4,100 Bitcoins from a Washington resident, valued at approximately $245 million at the time. Adam Iza and his accomplices attempted to obtain part of the stolen funds by kidnapping Veer Chetal's parents. Additionally, Adam Iza admitted to fraudulently accessing Meta's business manager accounts and credit lines to steal over $37 million between 2020 and 2022. Federal prosecutors are seeking at least 14 years in prison for his sentence. (fortune)