News linked to this event type.
According to CoinDesk, the total value locked (TVL) in ETH lending protocols has declined from a year-to-date high of $32 billion to $23 billion—a drop of approximately 28%. The oracle vulnerability incident involving KelpDAO triggered a market confidence crisis, and combined with overall bearish market sentiment, led to roughly $9 billion in outflows from the DeFi lending sector.
Curvance posted on platform X, stating that at approximately 6:00 PM EST today (Beijing time), it noticed an anomaly in the Echo eBTC market on the Curvance platform. Currently, there are no indications that the Curvance smart contract has been attacked or compromised. Due to its fully isolated market architecture, other markets remain unaffected. As a precautionary measure, the team has suspended the affected market and is investigating the cause of the incident together with ecosystem partners. Further updates will be announced as more information becomes available.
Casa co-founder Jameson Lopp has warned of a new phishing attack, where attackers leverage legitimate Google account recovery forms to hide malicious links within large amounts of blank space. This technique involves embedding "invisible" or overlooked whitespace characters within long text, making the malicious link less noticeable to users, thereby tricking them into clicking and exposing their account information.Lopp advises users to remain vigilant when handling account recovery emails or forms, and to avoid clicking on links that are from unknown sources or intentionally hidden. (Cointelegraph)
According to Bits.media, Russia’s Government Legislative Committee approved, on May 18, a proposal to ban cryptocurrency mining in parts of the Kursk region along the border. Kursk Regional Governor Alexander Sinyutin announced the decision during a regional government meeting. The ban will cover eight districts and the city of Lgov, including Belovsky, Bolshesoldatsky, Glushkovsky, and others. The primary reason for the ban is that residents in these border areas are exempt from paying utility bills—including electricity—meaning that if mining were permitted, the associated electricity costs would fall on the federal budget, creating a fiscal burden. Additionally, ongoing attacks by Ukrainian armed forces and difficulties repairing infrastructure have strained local energy supplies. The governor stated that the ban could be lifted once the situation returns to normal, residents return home, and utility payments resume—but no specific timeline was provided.
According to JIN10 Data, U.S. President Trump announced on Monday that, at the joint request of the leaders of Qatar, Saudi Arabia, and the United Arab Emirates, he had canceled the planned military strike against Iran scheduled for Tuesday, in order to buy time for diplomatic negotiations. Trump stated that a key condition of any agreement would be Iran’s written commitment to abandon nuclear weapons, adding, “The chances of reaching an agreement appear quite high.” However, he also warned that he had directed the U.S. military to stand ready for an “immediate, full-scale, large-scale attack,” to be launched without delay if negotiations collapse—and emphasized that no deadline had been set. Currently, both the U.S. and Iran have rejected each other’s newly proposed plans; the main points of contention center on the disposition of Iran’s highly enriched uranium stockpile and the return of its frozen assets.
Odaily Odaily News Monad co-founder Keone Hon posted on the X platform, stating that the team has noted a security incident related to eBTC on EchoProtocol. Security researchers are currently investigating the matter. The Monad network itself has not been affected and is operating normally.Additionally, a preliminary review by security researchers determined that this exploit targeting EchoProtocol's eBTC has resulted in the theft of approximately $816,000 in assets.
According to on-chain analyst PeckShield (@PeckShieldAlert), Echo Protocol was hacked on Monad. The attacker minted 1,000 $eBTC out of thin air (valued at approximately $76.7 million), then deposited 45 $eBTC (approximately $3.45 million) into Curvance and used it as collateral to borrow roughly 11.29 $WBTC (approximately $867,700). The attacker subsequently bridged the $WBTC cross-chain to Ethereum, swapped it for $ETH, and laundered 384 ETH (approximately $821,700) via Tornado Cash.
Odaily News: Trump stated that Saudi Arabia, Qatar, the UAE, and several other countries requested that he delay a military strike against Iran by "two to three days," as they believe a US-Iran agreement is "very close to being reached." Speaking to reporters at a White House event, Trump said the US was prepared to launch a "very significant" attack on Iran on the 19th. "However, I postponed it for a short period of time, hoping it might be permanent, but it could also be temporary. Because we have been having very significant discussions with Iran, and we will wait to see the outcome of these discussions."Trump noted that there have been some "very positive developments" in the negotiations and that the aforementioned Gulf allies have an opportunity to help finalize an agreement. He added that the current situation is "slightly different" from previous instances when the US believed a deal with Iran was imminent. (Xinhua News Agency)
According to Onchain Lens monitoring, Echo Protocol on Monad has been attacked. The attacker minted 1000 eBTC, worth $76.7 million, and withdrew the funds through Curvance via a previously tested attack path.As of now, the attacker has deposited 45 eBTC as collateral into Curvance and borrowed approximately 11.29 WBTC, worth $867,700; the attacker then cross-chained this portion of WBTC to Ethereum, swapped it for ETH, and transferred 385 ETH (worth approximately $818,000) to Tornado Cash. The attacker currently appears to still control a large amount of the minted eBTC.
Governor Walz of Minnesota has signed legislation enabling state-chartered credit unions to offer digital asset custody accounts. The bill aims to allow Minnesota residents to manage their crypto assets more securely under regulatory oversight and strengthen protections against fraud, hacking, and asset loss. Minnesota Credit Unions also thanked co-sponsors Reps. Perryman and Elkins and Sen. Seeberger for advancing this legislation.
Vitalik published an article titled “A Shallow Dive into Formal Verification,” introducing recent progress in applying formal verification to Ethereum’s cutting-edge research and development. The article states that developers can write code in Lean, EVM bytecode, or assembly language and verify its correctness via mathematically rigorous proofs that can be automatically checked—thereby improving both code efficiency and security. He notes that formal verification is especially suitable for complex yet well-defined-security systems such as STARKs, Byzantine Fault Tolerant (BFT) consensus, ZK-EVMs, and post-quantum signatures, and mentions related projects including Arklib, VCV-io, and evm-asm. The article also emphasizes that formal verification is not a panacea: it remains subject to limitations such as incorrect specification definitions, unverified code paths, hardware-level constraints, and side-channel attacks.
according to PeckShieldAlert monitoring, the Adshares bridge attacker has returned 256 ETH (worth $540,700) to the deployer, accounting for 86% of the stolen funds.The Adshares bridge was attacked on May 17, 2026, resulting in a loss of approximately $628,000.
Verus confirmed on Platform X that its Verus-Ethereum cross-chain bridge has been attacked, resulting in the theft of ETH, USDC, and tBTC from the contract on the Ethereum chain. Other bridged assets are currently unaffected. The Verus network is now suspended, with most block-producing nodes voluntarily going offline after experiencing the cascading effects of the attack. The development team is fully investigating the scope of the incident, the attack vector, and the subsequent remediation plan, and will provide updates once more information is confirmed. Verus stated that it is willing to cooperate with relevant law enforcement agencies to pursue legal accountability; however, if the attacker returns all stolen funds, the project team is willing to offer a bug bounty and will not pursue further legal action.Verus also reminds users that anyone claiming to be part of the Verus team or community in public channels, private messages, or other avenues, and offering "compensation" or "remediation plans," is a scammer. The official statement emphasizes not to interact with anyone claiming there are compensation projects or offering payouts, and to promptly report such accounts to Discord or Platform X.Previously, it was reported that the Verus-Ethereum cross-chain bridge was attacked, resulting in losses of approximately $11.58 million.
According to an official announcement, Bybit recently completed an innovative anti-money laundering (AML) research collaboration with a student team from The University of Hong Kong (HKU). This collaboration used Bybit’s February 2025 security incident as a case study, providing HKU Business School master’s students with hands-on experience in blockchain investigations and AML analysis.
According to CoinDesk, Simone Maini, CEO of blockchain analytics firm Elliptic, stated that the biggest emerging risk to crypto security is not larger-scale hacking attacks, but rather AI-driven financial activity operating at a speed and scale that human compliance teams cannot keep up with. As AI lowers the barriers to hacking, scams, and fraud, security firms like Elliptic are responding by deploying AI agents to analyze on-chain data in real time—sparking an automated arms race between adversaries and defenders. Maini noted that current compliance systems remain heavily reliant on manual review, and the global pool of compliance analysts specializing in digital assets is simply insufficient to meet future demand. Elliptic has raised $120 million in funding—including from Nasdaq and Deutsche Bank—to build an “agent-based compliance system” that leverages AI to automate transaction monitoring and investigation workflows, thereby reducing the cost per alert and per investigation.
According to The Block, Bitcoin Depot (BTM), a Nasdaq-listed Bitcoin ATM operator, filed for Chapter 11 bankruptcy protection on the 18th in the U.S. District Court for the Southern District of Texas, announcing an orderly liquidation and asset sale. CEO Alex Holmes stated that increasingly stringent state-level compliance requirements, transaction limit restrictions, and operational bans in certain regions have rendered the company’s existing business model unsustainable. Previously, the company suffered a security breach in April 2026, resulting in a $3.7 million loss; its Q1 2026 revenue declined 49.2% year-on-year, with a net loss of $9.5 million. Currently, all over 9,000 Bitcoin ATMs operated globally by Bitcoin Depot have been taken offline, and its overseas entities—including those in Canada—will also be shut down.
Odaily reports: Artificial intelligence company Anthropic has agreed to provide a special briefing to relevant officials of the Financial Stability Board (FSB) regarding its Mythos AI model. The briefing will focus on security vulnerabilities identified by the model within the defense systems of the global financial network.According to two sources familiar with the matter, the communication was proposed by Bank of England Governor Andrew Bailey, requesting that Anthropic brief the FSB on its new preview version of the Claude·Mythos AI model. The FSB is currently compiling a report on compliance standards for the application of artificial intelligence in the financial industry, with a draft expected to be released next month for public consultation. Both the FSB and Anthropic have declined to comment on their recent communications. (Jiemian)
PeckShield posted on platform X, stating that from February to mid-May 2026, at least 8 major cross-chain bridge security incidents occurred in the crypto industry, with attackers stealing approximately $328.6 million in assets from cross-chain protocols in total.PeckShield pointed out that cross-chain infrastructure remains a high-frequency target for hackers, with related risks continuing to intensify amid the expansion of the multi-chain ecosystem.
According to PeckShield monitoring, the Verus-Ethereum Bridge has been hacked, resulting in the loss of assets including 103.6 tBTC, 1,625 ETH, and 147,000 USDC. The hacker subsequently swapped the stolen assets for approximately 5,402.4 ETH. The attacker's address received an initial 1 ETH approximately 14 hours ago via the mixing protocol Tornado Cash.
: On-chain analyst Tom Wan stated on platform X that the current ETH utilization rate has dropped below 90%, and the lending APY has fallen to 1.9%. Since the rsETH LayerZero cross-chain bridge was attacked, the deposits of wstETH and weETH have decreased by approximately $1.2 billion and $1.76 billion, respectively. As the strategy of leveraged looping wstETH/weETH against ETH becomes profitable again, market attention is turning to whether demand for ETH leveraged loops will return, or if capital will continue to wait on the sidelines or flow into protocols like Spark and Morpho.