News linked to both this project and an event.
SlowMist founder Yu Xian tweeted that, after preliminary analysis, the Asterix attack employed a method similar to yesterday’s Flooring Protocol incident. The underlying protocols involved are DN404 and BT404, respectively. The issue relates to integer overflow and reuse caused by high-value NFT ID bit-shift operations, suggesting the attacker may be searching for similar vulnerabilities.
Yuga Labs tweeted that it has completed a white-hat operation targeting a newly discovered vulnerability in the Flooring Protocol and is temporarily safeguarding the rescued assets, including 29 Bored Apes, 4 Mutant Apes, 1 BAKC, 2 CryptoPunks, 1 Azuki, 2 Elementals, 26 Captains, 1 Moonbird, and 2 Doodles.
According to CoinDesk, the floor price of Bored Ape Yacht Club (BAYC) NFTs has risen from approximately 5 ETH to over 10 ETH in the past month, while ApeCoin (APE) rebounded from below $0.10 to around $0.16 during the same period, with trading volume notably expanding. Meanwhile, repeated security vulnerabilities and persistently declining yields in the DeFi sector have driven some capital toward the NFT market. The financialization trend of NFTs is also intensifying: a recent $2.8 million loan collateralized by a CryptoPunk attracted widespread attention, with the lender expected to earn roughly $138,000 in interest over 90 days. Blue-chip collections such as Pudgy Penguins have also strengthened concurrently, and market expectations surrounding a potential token launch by OpenSea have further boosted sentiment.
According to a research report released by cybersecurity firm Expel, the company is tracking an advanced persistent threat (APT) group dubbed “HexagonalRodent,” which is highly assessed to be a North Korean (DPRK) state-sponsored actor. This group primarily targets Web3 developers and specializes in stealing high-value digital assets—including cryptocurrencies and NFTs. In the first quarter of 2026 alone, the group compromised 2,726 developer devices and stole access credentials for 26,584 cryptocurrency wallets, with the total value of stolen assets reaching as high as $12 million. The group primarily carries out its attacks via fake job postings—publishing lucrative positions on LinkedIn and Web3 recruitment platforms to lure job seekers into completing “skills assessments” embedded with malicious code. These assessments exploit VSCode’s tasks.json functionality to automatically execute malware when victims open the project folder. The malware used includes BeaverTail, OtterCookie, and InvisibleFerret, all of which possess capabilities such as password theft, remote control, and reverse shell execution. Notably, the group extensively leverages generative AI tools—including ChatGPT and Cursor—to develop malware, build counterfeit corporate websites, and generate AI-forged executive teams. It even registered a shell company in Mexico to enhance the credibility of its operations. Additionally, the group recently carried out its first-ever supply-chain attack, successfully infiltrating a VSCode extension.