News Heat Trend
Project Overview
Bridge is building a stablecoin-powered money movement platform, offering services such as payouts, cross-border payments and exchanging foreign currencies. its Orchestration and Issuance APIs make it possible for any company and team to offer digital dollar-based services to their end consumers or businesses.
Humanity Releases Security Incident Investigation Report: Attack Methodology Exhibits Characteristics of North Korean Hackers; Mainnet Bridge Unaffected
Humanity announced the independent investigation results from Quantstamp, stating that the security incident—exceeding $31 million—originated from a phishing attack that led to the leakage of private keys. The attackers subsequently gained control of the smart contract and dumped tokens; the tools and tactics employed exhibit characteristics commonly associated with North Korean hacker groups.
Humility Security Incident Update: $36 Million Stolen, Police Investigation Launched to Recover Funds
Humility Protocol released a security incident update on the X platform, stating that its H token suffered a coordinated attack on the Ethereum and BSC chains yesterday, with confirmed losses exceeding $36 million in stolen and dumped assets.Preliminary investigations indicate the incident originated from a compromised employee computer, which led to the leakage of private keys for the multi-signature wallet controlling the Hyperlane Bridge ProxyAdmin. Specifically, the attacker obtained 3 out of 6 private keys of the Gnosis Safe wallet on the Ethereum chain, transferred ownership of the ProxyAdmin to a wallet under their control, upgraded the bridge contract to a malicious implementation, and subsequently transferred approximately 141.2 million H tokens in a single transaction.Simultaneously, the attacker also gained control of 3 out of 5 private keys of the Safe wallet on the BSC chain, took over the ProxyAdmin using the same method, deployed a malicious contract with unlimited minting functionality, and minted 200 million H tokens in two separate transactions to their own wallet.Humility stated that it has suspended all deposit and withdrawal operations on the affected bridge services and is collaborating with partners such as exchanges to mitigate losses. Meanwhile, it is cooperating with the police investigation and attempting to recover part of the stolen funds.
Backpack Launches Securities Platform to Bridge Traditional and Digital Asset Markets
Cryptocurrency exchange Backpack announced the launch of Backpack Securities, enabling investors to buy, hold, and sell real stocks backed by regulated U.S. securities infrastructure—entitling them to dividends, corporate actions, and rights under systems such as ACATS and DTCC. Additionally, positions can be converted into tokenized securities freely transferable and tradable 24/7 on public blockchains like Solana. Orders are routed directly into U.S. equity market liquidity pools, with execution prices reflecting real-time market prices.
Gravity Bridge, a Cosmos ecosystem cross-chain bridge, announced service suspension following an attack.
The Cosmos ecosystem’s cross-chain bridge Gravity Bridge was reportedly attacked due to a leaked signature key, resulting in approximately $5.4 million in stolen assets. The official team has confirmed the security incident and has urgently suspended bridging services to conduct an investigation. Validators have also been instructed to halt their validator nodes and coordinators. It is reported that the bridge’s contract keys may have been compromised.
Hong Kong’s Financial Secretary: Gold Can Serve as a Bridge Between Traditional and New Finance
According to the South China Morning Post, Hong Kong’s Financial Secretary and Secretary for Financial Services and the Treasury, Christopher Hui, stated that gold can serve as a potential bridge between traditional finance and new finance. He emphasized that Hong Kong needs to provide more development opportunities for the digital asset market to support its sustainable growth. He also noted that, given the “convergence” trend between traditional and innovative finance, Hong Kong has opted not to establish a separate digital asset regulatory authority. Hui pointed out that both gold ETFs and blockchain-based tokenized gold products are already available in the market. Earlier, HSBC and Hang Seng Investment launched Hong Kong’s first tokenized, non-listed Hang Seng Gold ETF product on HashKey Exchange in April.
Sky: Solana Bridge Back Online, USDS Cross-Chain Functionality to Resume After rsETH Vulnerability Review
Sky (formerly MakerDAO) announced on X that the cross-chain bridging of USDS OFT on the Solana network, which was suspended due to the security review of the rsETH vulnerability incident, has resumed operation.Sky emphasized that during the review, its USDS-related contracts and the protocol itself were not affected. USDS has always maintained a fully overcollateralized state as designed, which can be verified in real-time on-chain. The suspension was a precautionary security measure. Currently, the bridging function on the Solana side has been reopened, while the Avalanche-related bridging will resume after further review is completed.
Humanity Releases Security Incident Investigation Report: Attack Methodology Exhibits Characteristics of North Korean Hackers; Mainnet Bridge Unaffected
Humanity announced the independent investigation results from Quantstamp, stating that the security incident—exceeding $31 million—originated from a phishing attack that led to the leakage of private keys. The attackers subsequently gained control of the smart contract and dumped tokens; the tools and tactics employed exhibit characteristics commonly associated with North Korean hacker groups.
MILC Platform Cross-Chain Bridge Suffers Private Key Leak Attack, Sustaining ~$161,000 in Losses
According to on-chain security platform Blockaid (@blockaid_), the MILC Platform cross-chain bridge suffered a private key leak on both the BNB Chain and Ethereum networks. The attacker exploited a historical bridge administrator wallet to grant the DEFAULT_ADMIN_ROLE and MANAGER_ROLE permissions to the attacker’s address. Subsequently, assets were withdrawn from the bridge contract, and administrative control was transferred to the attacker’s wallet. Confirmed losses currently stand at approximately $97,003 USDT (on BNB Chain) and approximately 39.21 ETH (on Ethereum, transferred out via Rhino.fi), totaling roughly $161,000.
Humility Security Incident Update: $36 Million Stolen, Police Investigation Launched to Recover Funds
Humility Protocol released a security incident update on the X platform, stating that its H token suffered a coordinated attack on the Ethereum and BSC chains yesterday, with confirmed losses exceeding $36 million in stolen and dumped assets.Preliminary investigations indicate the incident originated from a compromised employee computer, which led to the leakage of private keys for the multi-signature wallet controlling the Hyperlane Bridge ProxyAdmin. Specifically, the attacker obtained 3 out of 6 private keys of the Gnosis Safe wallet on the Ethereum chain, transferred ownership of the ProxyAdmin to a wallet under their control, upgraded the bridge contract to a malicious implementation, and subsequently transferred approximately 141.2 million H tokens in a single transaction.Simultaneously, the attacker also gained control of 3 out of 5 private keys of the Safe wallet on the BSC chain, took over the ProxyAdmin using the same method, deployed a malicious contract with unlimited minting functionality, and minted 200 million H tokens in two separate transactions to their own wallet.Humility stated that it has suspended all deposit and withdrawal operations on the affected bridge services and is collaborating with partners such as exchanges to mitigate losses. Meanwhile, it is cooperating with the police investigation and attempting to recover part of the stolen funds.
Gravity Bridge attacker deposits 1,180 ETH into Tornado Cash again
According to on-chain security firm CertiK (@CertiKAlert), the Gravity Bridge attacker recently deposited another 1,180 ETH (approximately $2.06 million) into Tornado Cash. Earlier, on May 30, the attacker exploited the permissionless deployERC20() function by forging the Osmosis token string, tampering with the token registry, and mapping fake balances to real custodial assets—thereby stealing approximately 2,600 ETH (around $5.4 million) from Gravity Bridge. To date, 2,020 ETH of the stolen funds have been transferred to Tornado Cash via two externally owned accounts (EOAs); the remainder has been dispersed across centralized exchanges, making fund recovery significantly challenging.
Blockaid: Alephium-Ethereum Bridge Attacked, Approximately $815,000 in Assets Stolen
Blockaid disclosed on X that the Alephium TokenBridge Ethereum cross-chain bridge was attacked. The attacker compromised three out of four Guardian private keys, forged a Verified Action Approval (VAA) message, and executed the attack within approximately seven minutes, stealing roughly $815,000 worth of assets. During the attack, the attacker minted 13.76 million Wrapped ALPH tokens out of thin air—exceeding the pre-attack circulating supply by over 100%—and simultaneously unlocked and withdrew assets including USDT, USDC, WBTC, and WETH from the custody pool. As of now, the attacker’s address still holds approximately $815,000 in stolen assets and 13.76 million uncollateralized Wrapped ALPH tokens; the largest anomalous transaction involved the out-of-thin-air minting of 13.76 million Wrapped ALPH tokens.
Polymarket Merges Cross-Chain Bridge Deposit Recovery Tool
According to the official documentation of the prediction market platform Polymarket, the Bridge Deposit page has consolidated the previously separate Ethereum and Polygon deposit recovery tools into a single tool, and removed the original "matic-recovery[.]polymarket[.]com" link.
Humanity Releases Security Incident Investigation Report: Attack Methodology Exhibits Characteristics of North Korean Hackers; Mainnet Bridge Unaffected
Humanity announced the independent investigation results from Quantstamp, stating that the security incident—exceeding $31 million—originated from a phishing attack that led to the leakage of private keys. The attackers subsequently gained control of the smart contract and dumped tokens; the tools and tactics employed exhibit characteristics commonly associated with North Korean hacker groups.
MILC Platform Cross-Chain Bridge Suffers Private Key Leak Attack, Sustaining ~$161,000 in Losses
According to on-chain security platform Blockaid (@blockaid_), the MILC Platform cross-chain bridge suffered a private key leak on both the BNB Chain and Ethereum networks. The attacker exploited a historical bridge administrator wallet to grant the DEFAULT_ADMIN_ROLE and MANAGER_ROLE permissions to the attacker’s address. Subsequently, assets were withdrawn from the bridge contract, and administrative control was transferred to the attacker’s wallet. Confirmed losses currently stand at approximately $97,003 USDT (on BNB Chain) and approximately 39.21 ETH (on Ethereum, transferred out via Rhino.fi), totaling roughly $161,000.
Humility Security Incident Update: $36 Million Stolen, Police Investigation Launched to Recover Funds
Humility Protocol released a security incident update on the X platform, stating that its H token suffered a coordinated attack on the Ethereum and BSC chains yesterday, with confirmed losses exceeding $36 million in stolen and dumped assets.Preliminary investigations indicate the incident originated from a compromised employee computer, which led to the leakage of private keys for the multi-signature wallet controlling the Hyperlane Bridge ProxyAdmin. Specifically, the attacker obtained 3 out of 6 private keys of the Gnosis Safe wallet on the Ethereum chain, transferred ownership of the ProxyAdmin to a wallet under their control, upgraded the bridge contract to a malicious implementation, and subsequently transferred approximately 141.2 million H tokens in a single transaction.Simultaneously, the attacker also gained control of 3 out of 5 private keys of the Safe wallet on the BSC chain, took over the ProxyAdmin using the same method, deployed a malicious contract with unlimited minting functionality, and minted 200 million H tokens in two separate transactions to their own wallet.Humility stated that it has suspended all deposit and withdrawal operations on the affected bridge services and is collaborating with partners such as exchanges to mitigate losses. Meanwhile, it is cooperating with the police investigation and attempting to recover part of the stolen funds.
Syscoin Discloses Preliminary Review of Cross-Chain Bridge Incident: Approximately 5 Billion SYS Tokens Abnormally Generated Due to Verification Issues
Syscoin released a preliminary post-mortem of the cross-chain bridge incident, stating that due to a verification issue in the bridging process, the attacker exploited an abnormal transaction proof validation to generate approximately 5 billion SYS tokens abnormally on the UTXO side via the affected bridging path.
Gravity Bridge attacker deposits 1,180 ETH into Tornado Cash again
According to on-chain security firm CertiK (@CertiKAlert), the Gravity Bridge attacker recently deposited another 1,180 ETH (approximately $2.06 million) into Tornado Cash. Earlier, on May 30, the attacker exploited the permissionless deployERC20() function by forging the Osmosis token string, tampering with the token registry, and mapping fake balances to real custodial assets—thereby stealing approximately 2,600 ETH (around $5.4 million) from Gravity Bridge. To date, 2,020 ETH of the stolen funds have been transferred to Tornado Cash via two externally owned accounts (EOAs); the remainder has been dispersed across centralized exchanges, making fund recovery significantly challenging.
Gravity Bridge: $91,000 of Stolen Funds Frozen, Majority of Assets Yet to Be Moved
according to Specter, in collaboration with ChangeNOW, $91,000 of the funds stolen from Gravity Bridge have been frozen. The attacker still holds the majority of the funds, which have not yet been transferred.Previously, it was reported that the private key for Gravity Bridge's bridging contract was leaked, leading to the theft of $5.4 million in assets. The assets extracted by the attacker include: $4.3 million in USDC, 274 WETH (worth approximately $553,000), $434,000 in USDT, and $64,000 in PAYG. The involved addresses are 0x7B58...1F9 and 0x4d3c...A47.
Humanity Releases Security Incident Investigation Report: Attack Methodology Exhibits Characteristics of North Korean Hackers; Mainnet Bridge Unaffected
Humanity announced the independent investigation results from Quantstamp, stating that the security incident—exceeding $31 million—originated from a phishing attack that led to the leakage of private keys. The attackers subsequently gained control of the smart contract and dumped tokens; the tools and tactics employed exhibit characteristics commonly associated with North Korean hacker groups.
Backpack Securities Launches $SPCX Token to Bridge SpaceX Stock with Solana-Based DeFi
According to Backpack’s official tweet, Backpack Securities announced on June 11 that the $SPCX token officially launched on Solana via SunriseDeFi following SpaceX’s Nasdaq listing. Users can trade stocks on the Backpack platform and freely transfer assets between traditional brokerages and Solana-based DeFi wallets through deposit and withdrawal operations.
Humility Security Incident Update: $36 Million Stolen, Police Investigation Launched to Recover Funds
Humility Protocol released a security incident update on the X platform, stating that its H token suffered a coordinated attack on the Ethereum and BSC chains yesterday, with confirmed losses exceeding $36 million in stolen and dumped assets.Preliminary investigations indicate the incident originated from a compromised employee computer, which led to the leakage of private keys for the multi-signature wallet controlling the Hyperlane Bridge ProxyAdmin. Specifically, the attacker obtained 3 out of 6 private keys of the Gnosis Safe wallet on the Ethereum chain, transferred ownership of the ProxyAdmin to a wallet under their control, upgraded the bridge contract to a malicious implementation, and subsequently transferred approximately 141.2 million H tokens in a single transaction.Simultaneously, the attacker also gained control of 3 out of 5 private keys of the Safe wallet on the BSC chain, took over the ProxyAdmin using the same method, deployed a malicious contract with unlimited minting functionality, and minted 200 million H tokens in two separate transactions to their own wallet.Humility stated that it has suspended all deposit and withdrawal operations on the affected bridge services and is collaborating with partners such as exchanges to mitigate losses. Meanwhile, it is cooperating with the police investigation and attempting to recover part of the stolen funds.
Syscoin Discloses Preliminary Review of Cross-Chain Bridge Incident: Approximately 5 Billion SYS Tokens Abnormally Generated Due to Verification Issues
Syscoin released a preliminary post-mortem of the cross-chain bridge incident, stating that due to a verification issue in the bridging process, the attacker exploited an abnormal transaction proof validation to generate approximately 5 billion SYS tokens abnormally on the UTXO side via the affected bridging path.
Backpack Launches Securities Platform to Bridge Traditional and Digital Asset Markets
Cryptocurrency exchange Backpack announced the launch of Backpack Securities, enabling investors to buy, hold, and sell real stocks backed by regulated U.S. securities infrastructure—entitling them to dividends, corporate actions, and rights under systems such as ACATS and DTCC. Additionally, positions can be converted into tokenized securities freely transferable and tradable 24/7 on public blockchains like Solana. Orders are routed directly into U.S. equity market liquidity pools, with execution prices reflecting real-time market prices.
Blockaid: Alephium-Ethereum Bridge Attacked, Approximately $815,000 in Assets Stolen
Blockaid disclosed on X that the Alephium TokenBridge Ethereum cross-chain bridge was attacked. The attacker compromised three out of four Guardian private keys, forged a Verified Action Approval (VAA) message, and executed the attack within approximately seven minutes, stealing roughly $815,000 worth of assets. During the attack, the attacker minted 13.76 million Wrapped ALPH tokens out of thin air—exceeding the pre-attack circulating supply by over 100%—and simultaneously unlocked and withdrew assets including USDT, USDC, WBTC, and WETH from the custody pool. As of now, the attacker’s address still holds approximately $815,000 in stolen assets and 13.76 million uncollateralized Wrapped ALPH tokens; the largest anomalous transaction involved the out-of-thin-air minting of 13.76 million Wrapped ALPH tokens.
Related news
Humanity Releases Security Incident Investigation Report: Attack Methodology Exhibits Characteristics of North Korean Hackers; Mainnet Bridge Unaffected
Humanity announced the independent investigation results from Quantstamp, stating that the security incident—exceeding $31 million—originated from a phishing attack that led to the leakage of private keys. The attackers subsequently gained control of the smart contract and dumped tokens; the tools and tactics employed exhibit characteristics commonly associated with North Korean hacker groups.
Backpack Securities Launches $SPCX Token to Bridge SpaceX Stock with Solana-Based DeFi
According to Backpack’s official tweet, Backpack Securities announced on June 11 that the $SPCX token officially launched on Solana via SunriseDeFi following SpaceX’s Nasdaq listing. Users can trade stocks on the Backpack platform and freely transfer assets between traditional brokerages and Solana-based DeFi wallets through deposit and withdrawal operations.
MILC Platform Cross-Chain Bridge Suffers Private Key Leak Attack, Sustaining ~$161,000 in Losses
According to on-chain security platform Blockaid (@blockaid_), the MILC Platform cross-chain bridge suffered a private key leak on both the BNB Chain and Ethereum networks. The attacker exploited a historical bridge administrator wallet to grant the DEFAULT_ADMIN_ROLE and MANAGER_ROLE permissions to the attacker’s address. Subsequently, assets were withdrawn from the bridge contract, and administrative control was transferred to the attacker’s wallet. Confirmed losses currently stand at approximately $97,003 USDT (on BNB Chain) and approximately 39.21 ETH (on Ethereum, transferred out via Rhino.fi), totaling roughly $161,000.
Humility Security Incident Update: $36 Million Stolen, Police Investigation Launched to Recover Funds
Humility Protocol released a security incident update on the X platform, stating that its H token suffered a coordinated attack on the Ethereum and BSC chains yesterday, with confirmed losses exceeding $36 million in stolen and dumped assets.Preliminary investigations indicate the incident originated from a compromised employee computer, which led to the leakage of private keys for the multi-signature wallet controlling the Hyperlane Bridge ProxyAdmin. Specifically, the attacker obtained 3 out of 6 private keys of the Gnosis Safe wallet on the Ethereum chain, transferred ownership of the ProxyAdmin to a wallet under their control, upgraded the bridge contract to a malicious implementation, and subsequently transferred approximately 141.2 million H tokens in a single transaction.Simultaneously, the attacker also gained control of 3 out of 5 private keys of the Safe wallet on the BSC chain, took over the ProxyAdmin using the same method, deployed a malicious contract with unlimited minting functionality, and minted 200 million H tokens in two separate transactions to their own wallet.Humility stated that it has suspended all deposit and withdrawal operations on the affected bridge services and is collaborating with partners such as exchanges to mitigate losses. Meanwhile, it is cooperating with the police investigation and attempting to recover part of the stolen funds.
Syscoin Discloses Preliminary Review of Cross-Chain Bridge Incident: Approximately 5 Billion SYS Tokens Abnormally Generated Due to Verification Issues
Syscoin released a preliminary post-mortem of the cross-chain bridge incident, stating that due to a verification issue in the bridging process, the attacker exploited an abnormal transaction proof validation to generate approximately 5 billion SYS tokens abnormally on the UTXO side via the affected bridging path.
Gravity Bridge attacker deposits 1,180 ETH into Tornado Cash again
According to on-chain security firm CertiK (@CertiKAlert), the Gravity Bridge attacker recently deposited another 1,180 ETH (approximately $2.06 million) into Tornado Cash. Earlier, on May 30, the attacker exploited the permissionless deployERC20() function by forging the Osmosis token string, tampering with the token registry, and mapping fake balances to real custodial assets—thereby stealing approximately 2,600 ETH (around $5.4 million) from Gravity Bridge. To date, 2,020 ETH of the stolen funds have been transferred to Tornado Cash via two externally owned accounts (EOAs); the remainder has been dispersed across centralized exchanges, making fund recovery significantly challenging.