News linked to both this project and an event.
According to on-chain security platform Blockaid (@blockaid_), the MILC Platform cross-chain bridge suffered a private key leak on both the BNB Chain and Ethereum networks. The attacker exploited a historical bridge administrator wallet to grant the DEFAULT_ADMIN_ROLE and MANAGER_ROLE permissions to the attacker’s address. Subsequently, assets were withdrawn from the bridge contract, and administrative control was transferred to the attacker’s wallet. Confirmed losses currently stand at approximately $97,003 USDT (on BNB Chain) and approximately 39.21 ETH (on Ethereum, transferred out via Rhino.fi), totaling roughly $161,000.
Humanity released a post-mortem report on the H token security incident that occurred between June 8 and 9, stating that the incident was not caused by a smart contract vulnerability, but rather by a malware intrusion into a developer's device, which led to the leakage of private keys. Humanity stated that the attacker still holds the ProxyAdmin permissions for the ETH bridge and the BNB Chain token. Preliminary investigations confirmed that a colleague's device was infected with malware, which the attacker used to obtain the hot wallet private key of the administrator and the private keys for signing on 6 Gnosis Safe wallets. The team has hired an external security agency to conduct a forensic investigation and stated that they are formulating a recovery plan for affected users.
According to monitoring by crypto analyst 余烬@EmberCN, the Humanity attacker minted an additional 1 billion H tokens 20 minutes ago.余烬 stated that previously, the attacker had minted H tokens in batches of 100 million, but this time directly minted 1 billion. However, as market liquidity continues to dry up, the attacker's ability to cash out has significantly decreased. Currently, selling 10 million H tokens at once can only be exchanged for approximately 6 BNB, worth about $3,600. The price of H has now dropped to approximately $0.0003.
According to monitoring by on-chain analyst Ember, the "private key leak" has allowed the minting and dumping of H to continue for 13 hours. The so-called "hacker" is still able to mint H on the BSC chain and sell it off, draining every last cent from the pools. The "hacker" has minted 300 million H and sold a total of approximately 450 million H, cashing out $34 million (ETH+BNB). The H pool on BSC has been drained to just $13 in liquidity, and the price of H has plummeted 99.9% to $0.0009. Meanwhile, the perpetual contract price on CEX stands at $0.09, a 100x difference. In essence, they have de-pegged into two unrelated tokens.
according to Lookonchain monitoring, the Humanity hacker has minted an additional 100 million H tokens on the BSC chain. The hacker has already obtained 18,510 ETH (worth $30.83 million) and 1,548 BNB (worth $924,000) by selling H tokens. The hacker currently still holds 111.36 million H tokens (worth $14 million) for sale. On-chain liquidity is now nearly depleted.
according to on-chain analyst Ember CN's monitoring, hackers are continuing to dump H tokens on-chain, with the on-chain price dropping to $0.003. The current Binance perpetual contract price stands at $0.06, a 20x difference from the on-chain price.
Odaily Seer Prophet Channel monitoring shows that the probability of "Zcash will hit $100 in 2026" on Polymarket has risen to 53%, a 24-hour increase of 36%.Market rules: If between 17:35 on November 24, 2025, and 23:59 on December 31, 2026 (Eastern Time), the lowest price (Low) of any 1-minute candlestick of the Binance ZEC/USDT trading pair reaches or falls below the price stated in the title, this market will immediately settle as "Yes"; otherwise, it will settle as "No." Settlement is based solely on the 1-minute candlestick data of the Binance ZEC/USDT trading pair; prices from other exchanges or trading pairs will not be considered.In previous news, the privacy coin Zcash disclosed and fixed a critical security vulnerability that could have been exploited by malicious miners to transfer over 25,000 ZEC (approximately $6.5 million) from the deprecated Sprout privacy pool. Officials stated that the vulnerability had existed since July 2020 but was not actually exploited, and user funds remained safe at all times. The development team has released version v6.12.0 to complete the fix, and major mining pools have already upgraded their deployments.Odaily Seer Prophet Channel continues to monitor prediction markets, seeing changes before pricing.
: According to an official announcement, on June 3, Trust Wallet announced a partnership with BNB Chain and CoinMarketCap to officially launch the "BNB Hack: AI Trading Agents" hackathon, featuring a total prize pool of $36,000. The Trust Wallet Agent Kit serves as the core on-chain execution technology stack for this event. This hackathon also marks the first time the Trust Wallet Agent Kit has been fully integrated as a core infrastructure component into a top-tier AI Agent hackathon system.The hackathon features two main tracks: "Autonomous Trading Agents" (prize pool $24,000, 5 winners) and "Strategy Skills" (prize pool $6,000, 3 winners), in addition to three partner special awards of $2,000 each. In the "Autonomous Trading Agents" track, participants must leverage the Trust Wallet Agent Kit to achieve local self-custodial signing, autonomous mode operation, and on-chain trade execution, deployed within native BNB Chain scenarios such as PancakeSwap and BSC Perpetual Contracts. The "Strategy Skills" track does not require an execution layer; participants build backtestable strategy proposals based on 12 categories of data tools from CoinMarketCap MCP, including market data, technical indicators, on-chain data, sentiment, and news.Track one uses real PnL as the core evaluation criterion, setting a maximum drawdown limit as the risk control threshold. Track two is comprehensively scored by a judging panel across four dimensions: technical execution, originality, real-world value, and presentation. The build window runs from June 3 to June 21, the trading window from June 22 to June 28, and winners will be announced during the week of July 6. In addition to cash prizes, winning teams will receive CoinMarketCap Pro API subscription credits, mentorship from CMC Labs, and the BNB Chain Kickstart ecosystem support package.
According to on-chain analyst PeckShield (@PeckShieldAlert), approximately 19 hours ago, TesseraDao (@TesseraDao) on BNB Chain was attacked. The hacker maliciously minted 99 million TSR tokens and immediately dumped them, causing the TSR price to plummet by 99%. The attacker then exchanged the stolen TSR for approximately $2.5 million in USDT and cross-chained the funds to Ethereum. The attacker has since laundered 1,285.5 ETH via TornadoCash.
According to The Block, the DeFi lending protocol Radiant Capital has announced it will officially cease operations. The protocol suffered a hack in October 2024, losing approximately $51 million; the attacker gained unauthorized access by deploying backdoor contracts on Arbitrum and BNB Chain. Earlier in 2024, the protocol had also been hit by a flash loan attack, resulting in a loss of roughly 1,900 ETH (approximately $4.5 million). After 18 months of recovery efforts, Radiant Capital stated that it has neither recovered a significant portion of the stolen funds nor secured new financing, declaring that “the DAO has no viable path forward.” The protocol will now enter a “maintenance mode”: its frontend and smart contracts remain accessible, allowing users to withdraw funds, repay loans, and manage positions. Any funds recovered in the future will be returned to affected users.
DxSale.Network posted on X platform in response to a recent security incident, disclosing that the vulnerability originated from the newly launched atomic transaction feature on BNB Smart Chain (BSC), which affected the v1 lockup contract launched in 2021. The team has identified the source of the issue and stated that lockup contracts for v2 and above are completely secure and have been audited by Certik. Users can rest assured that assets locked in v2 and above are unaffected.
According to on-chain investigator Eye, DxSale is suspected of withdrawing approximately $7.3 million from some of its early liquidity pools locked on BNB Chain since 2021—impacting over 1,400 LPs. Eye stated that the attack involved silent ownership transfers and over 80 wallet hops. Eye noted that the newly used wallet address in the attack received 104 BNB from Bybit 20 hours prior to the liquidity pool withdrawal, and subsequently received approximately 1,200 BNB after the funds were withdrawn from the liquidity pools. Thereafter, this address transferred roughly 3,400 BNB in total to two wallets, with the related funds already withdrawn via multiple Binance deposit addresses.
on-chain analyst Specter stated that the hijacking incidents of investor Keith Gill, Matt Furie, and WinRAR accounts on the X platform are all linked to the same hacker organization. This organization has accumulated over $14 million in profits by hijacking accounts to promote tokens and conducting cross-chain money laundering, with funds flowing through five chains: Solana, BNB Chain, Ethereum, Tron, and Hyperliquid.Specter claims the organization may also be connected to a $2.45 million wstETH phishing attack in 2024. The investigation found that hackers used compromised accounts to issue Pepe imitation tokens, incorporating a built-in 2% automatic fee mechanism to generate profits; related fund flows are associated with the bnbshare.fun platform and multiple Solana, Tron, and Ethereum addresses. Analysis also showed that several tokens (including USOR, VDOR, DROID, WCOR, UGOR) were used to inflate market caps before being dumped to zero.
According to a research report released by Binance Research, approximately 11% of illicit cryptocurrency transaction volume was seized in 2025—55 times the global fiat recovery rate (less than 1%). Even after excluding the single Prince Group case involving roughly $15 billion worth of BTC, the remaining seized amount still stands at about 10 times the fiat baseline. Data from on-chain security firms SlowMist and PeckShield shows that between 8.3% and 13.2% of stolen funds were recovered or frozen in 2025, reflecting continuously improving collaboration efficiency among exchanges, stablecoin issuers, and law enforcement agencies. Binance Research notes that blockchain’s inherent transparency is being fully leveraged by regulators and investigators, and the notion that “cryptocurrency is a breeding ground for illicit activity” is gradually becoming an outdated misconception.
According to on-chain analyst PeckShield (@PeckShieldAlert), THORChain has been hacked, resulting in losses of approximately $10 million in crypto assets, including 36.75 BTC (around $3 million) and roughly $7 million in assets from BNB Chain, Ethereum, and Base.
Binance has released its latest security report. In response to the current industry trend of rapidly proliferating AI-powered fraud, the platform has deployed over 24 AI security initiatives and equipped more than 100 AI models to build an intelligent defense system against various types of crypto fraud. Statistics show that from the beginning of 2025 to the first quarter of 2026, Binance has protected over 5.4 million users and intercepted potential fund losses amounting to $10.53 billion.In Q1 2026, the platform successfully intercepted 22.9 million scams and phishing attacks, protecting $1.98 billion in user funds. It pushed over 9,600 real-time risk alerts daily and blacklisted a total of 36,000 malicious on-chain addresses. The report points out that AI-powered social engineering attacks, including deepfakes, voice cloning, and phishing bots, have become mainstream fraud methods. In 2025, the overall scale of crypto fraud reached $17 billion, a 30% year-over-year increase.On the risk control front, Binance's AI systems handle 57% of fraud detection work, reducing card fraud rates to 60%-70% of the industry average. Upgraded AI-driven anti-forgery KYC verification has increased audit efficiency by up to 100 times. Its AI trading tool, Binance Ai Pro, adopts an isolated account architecture, granting only trading permissions while prohibiting withdrawals. The platform blocked 12% of high-risk third-party AI plugins. Additionally, in 2025, Binance assisted in recovering $12.8 million in defrauded funds, handled 48,000 cases, and worked with law enforcement agencies to freeze $131 million in illegal assets.
According to The Block, blockchain security firm CertiK released a report on May 8 stating that 34 confirmed “wrench attacks” (i.e., offline physical assaults and extortion targeting cryptocurrency holders) occurred globally in the first four months of 2026—an increase of 41% compared to the same period in 2025. Victims’ total losses amounted to approximately $101 million. If this trend continues, the annual number of incidents is projected to reach around 130, with losses potentially totaling hundreds of millions of dollars. Geographically, 28 of the 34 incidents (82%) occurred in Europe, with France standing out particularly: 24 cases were recorded there in the first four months of 2026 alone—exceeding the full-year total of 20 incidents in 2025. CertiK attributes this surge to France’s hosting of flagship crypto firms such as Ledger and Binance, frequent data breaches, and a community culture of conspicuous wealth display and proactive doxxing. In contrast, reported incidents in the U.S. dropped from nine in Q1 2025 to three in Q1 2026, while Asia saw a decline from 25 to two. Regarding attack patterns, CertiK notes that criminal groups have shifted toward a “data-driven targeting” model—purchasing victims’ names, addresses, and asset information from data brokers, thereby reducing the need for physical reconnaissance. Over half of this year’s incidents involved threats against or direct harm to victims’ family members (spouses, children, elderly parents) as a coercive tactic. Operationally, small gangs of three to five individuals typically carry out these attacks via
According to an official announcement, in response to the security incident involving the frontend platform Vercel and related supply-chain security risks, Binance’s security team immediately initiated an emergency response, conducted a comprehensive risk assessment across all frontend products within the Binance ecosystem, and directly contacted Vercel to verify each point individually. Binance stated that its platform and user assets are not affected by this incident.
According to an official announcement from Curve Finance, due to a hacker attack on the rsETH LayerZero infrastructure, Curve Finance has suspended its LayerZero infrastructure for security reasons, pending further investigation into the root cause before resuming operations. This suspension affects the following: cross-chain bridging of CRV tokens from BNB Chain, Sonic, Avalanche, Fantom, Etherlink, and Kava (chains using native bridges remain unaffected), as well as the crvUSD fast bridge functionality (the L2 slow bridge remains fully operational). Meanwhile, KelpDAO is also reported to have suffered a vulnerability exploit involving approximately $291 million; the exact extent of losses is still under investigation.
According to an official announcement, Curve Finance has suspended its LayerZero infrastructure as a precautionary measure following a hacker attack on rsETH’s LayerZero infrastructure, pending further investigation into the root cause. This adjustment affects cross-chain CRV bridging initiated from chains including BNB, Sonic, Avalanche, Fantom, Etherlink, and Kava; bridging from other chains remains unaffected and continues to use native bridges. Additionally, the crvUSD fast bridge is impacted, while the slower bridge to L2s remains fully operational.