News linked to both this project and an event.
Syscoin has released a security incident report detailing the UTXO-to-NEVM bridge vulnerability. According to the report, this incident resulted in the unauthorized release of approximately 5 billion SYS tokens on the UTXO side. The affected funds have since been returned to the official recovery address and permanently destroyed using the standard OP_RETURN mechanism, rendering them unusable by the protocol. As a result, the on-chain SYS supply has reverted to its expected value. The bridge functionality remains suspended while the team completes its final review and remediation efforts.
Humanity announced the independent investigation results from Quantstamp, stating that the security incident—exceeding $31 million—originated from a phishing attack that led to the leakage of private keys. The attackers subsequently gained control of the smart contract and dumped tokens; the tools and tactics employed exhibit characteristics commonly associated with North Korean hacker groups.
According to on-chain security platform Blockaid (@blockaid_), the MILC Platform cross-chain bridge suffered a private key leak on both the BNB Chain and Ethereum networks. The attacker exploited a historical bridge administrator wallet to grant the DEFAULT_ADMIN_ROLE and MANAGER_ROLE permissions to the attacker’s address. Subsequently, assets were withdrawn from the bridge contract, and administrative control was transferred to the attacker’s wallet. Confirmed losses currently stand at approximately $97,003 USDT (on BNB Chain) and approximately 39.21 ETH (on Ethereum, transferred out via Rhino.fi), totaling roughly $161,000.
Humility Protocol released a security incident update on the X platform, stating that its H token suffered a coordinated attack on the Ethereum and BSC chains yesterday, with confirmed losses exceeding $36 million in stolen and dumped assets.Preliminary investigations indicate the incident originated from a compromised employee computer, which led to the leakage of private keys for the multi-signature wallet controlling the Hyperlane Bridge ProxyAdmin. Specifically, the attacker obtained 3 out of 6 private keys of the Gnosis Safe wallet on the Ethereum chain, transferred ownership of the ProxyAdmin to a wallet under their control, upgraded the bridge contract to a malicious implementation, and subsequently transferred approximately 141.2 million H tokens in a single transaction.Simultaneously, the attacker also gained control of 3 out of 5 private keys of the Safe wallet on the BSC chain, took over the ProxyAdmin using the same method, deployed a malicious contract with unlimited minting functionality, and minted 200 million H tokens in two separate transactions to their own wallet.Humility stated that it has suspended all deposit and withdrawal operations on the affected bridge services and is collaborating with partners such as exchanges to mitigate losses. Meanwhile, it is cooperating with the police investigation and attempting to recover part of the stolen funds.
Syscoin released a preliminary post-mortem of the cross-chain bridge incident, stating that due to a verification issue in the bridging process, the attacker exploited an abnormal transaction proof validation to generate approximately 5 billion SYS tokens abnormally on the UTXO side via the affected bridging path.
According to on-chain security firm CertiK (@CertiKAlert), the Gravity Bridge attacker recently deposited another 1,180 ETH (approximately $2.06 million) into Tornado Cash. Earlier, on May 30, the attacker exploited the permissionless deployERC20() function by forging the Osmosis token string, tampering with the token registry, and mapping fake balances to real custodial assets—thereby stealing approximately 2,600 ETH (around $5.4 million) from Gravity Bridge. To date, 2,020 ETH of the stolen funds have been transferred to Tornado Cash via two externally owned accounts (EOAs); the remainder has been dispersed across centralized exchanges, making fund recovery significantly challenging.
according to Specter, in collaboration with ChangeNOW, $91,000 of the funds stolen from Gravity Bridge have been frozen. The attacker still holds the majority of the funds, which have not yet been transferred.Previously, it was reported that the private key for Gravity Bridge's bridging contract was leaked, leading to the theft of $5.4 million in assets. The assets extracted by the attacker include: $4.3 million in USDC, 274 WETH (worth approximately $553,000), $434,000 in USDT, and $64,000 in PAYG. The involved addresses are 0x7B58...1F9 and 0x4d3c...A47.
The Cosmos ecosystem’s cross-chain bridge Gravity Bridge was reportedly attacked due to a leaked signature key, resulting in approximately $5.4 million in stolen assets. The official team has confirmed the security incident and has urgently suspended bridging services to conduct an investigation. Validators have also been instructed to halt their validator nodes and coordinators. It is reported that the bridge’s contract keys may have been compromised.
Blockaid disclosed on X that the Alephium TokenBridge Ethereum cross-chain bridge was attacked. The attacker compromised three out of four Guardian private keys, forged a Verified Action Approval (VAA) message, and executed the attack within approximately seven minutes, stealing roughly $815,000 worth of assets. During the attack, the attacker minted 13.76 million Wrapped ALPH tokens out of thin air—exceeding the pre-attack circulating supply by over 100%—and simultaneously unlocked and withdrew assets including USDT, USDC, WBTC, and WETH from the custody pool. As of now, the attacker’s address still holds approximately $815,000 in stolen assets and 13.76 million uncollateralized Wrapped ALPH tokens; the largest anomalous transaction involved the out-of-thin-air minting of 13.76 million Wrapped ALPH tokens.
On-chain monitoring shows that the cross-chain bridge Gravity Bridge may have suffered a security incident due to a smart contract private key leak, affecting assets including USDC, WETH, and USDT, with total losses amounting to approximately $5.4 million.
According to PeckShield monitoring, the Verus-Ethereum Bridge has been hacked, resulting in the loss of assets including 103.6 tBTC, 1,625 ETH, and 147,000 USDC. The hacker subsequently swapped the stolen assets for approximately 5,402.4 ETH. The attacker's address received an initial 1 ETH approximately 14 hours ago via the mixing protocol Tornado Cash.
Odaily News: Blockaid posted on platform X, stating that its vulnerability detection system has discovered an attack on the Verus Ethereum cross-chain bridge, which has so far caused losses of approximately $11.58 million.
Sky (formerly MakerDAO) announced on X that the cross-chain bridging of USDS OFT on the Solana network, which was suspended due to the security review of the rsETH vulnerability incident, has resumed operation.Sky emphasized that during the review, its USDS-related contracts and the protocol itself were not affected. USDS has always maintained a fully overcollateralized state as designed, which can be verified in real-time on-chain. The suspension was a precautionary security measure. Currently, the bridging function on the Solana side has been reopened, while the Avalanche-related bridging will resume after further review is completed.
Syndicate announced on X platform that, regarding the latest developments in the Syndicate bridge security incident, all affected SYND holders on Commons Chain have been fully compensated, and have received an additional 15% payout on top of their total losses. The relevant funds have been sent directly to the affected users' Base chain wallets, with gas fees covered by Syndicate Labs. This compensation totals 12.901 million SYND, and no claim page operation is required.
According to Cointelegraph, U.S. law firm Gerstein Harrow LLP has filed an application with the U.S. District Court for the Southern District of New York seeking a temporary restraining order and three writs of execution to prevent the Arbitrum DAO from transferring 30,766 ETH (valued at approximately $73 million) frozen following the Kelp vulnerability. The firm argues that its clients obtained default judgments against North Korea in U.S. courts in 2010, 2015, and 2016, entitling them to roughly $877 million in compensation—and contends that the stolen ETH constitutes North Korean-linked assets that should be used to satisfy those judgments. Kelp DAO suffered a $292 million hack on April 18; the attacker was identified as TraderTraitor, a subgroup of the North Korean state-sponsored hacking group Lazarus Group. Aave Labs previously proposed unfreezing the seized funds and transferring them into the “DeFi United” fund to compensate rsETH holders—but this legal action by Gerstein Harrow may significantly delay compensation for victims. Members of the Arbitrum DAO community have criticized the move, arguing it shifts the burden of North Korea’s debts onto another set of victims, thereby exacerbating the original harm. Gerstein Harrow had previously pursued litigation related to the 2023 Heco Bridge hack involving Teth
Syndicate Labs disclosed a security incident: an attacker compromised the system through a private key leak and maliciously upgraded the cross-chain bridge contracts on two chains, leading to the transfer of approximately 18.5 million SYND and about $50,000 in user assets. The attack originated from a compromised development endpoint. The attacker exploited production environment permissions to upgrade the bridge contracts to a malicious version, but other chains were unaffected. The losses include:Commons Bridge: Approximately 18.5 million SYND were transferred and sold, worth roughly $330,000.Another Appchain: Approximately $50,000 in user assets were transferred.Syndicate Labs stated that affected SYND holders will receive full compensation, along with additional excess compensation, leaving their overall holdings higher than before the incident. Affected users on the Appchain will also be fully reimbursed for their losses.
According to CertiK, Syndicate Protocol suffered an exploit due to a security breach in the Commons cross-chain bridge. The attacker exploited the vulnerability to acquire approximately 18.5 million SYND tokens, which were subsequently sold for roughly $330,000. The related funds have already been transferred to the Ethereum network via the cross-chain bridge. Syndicate’s official response states that it is investigating the security incident involving the Commons bridge. The team is tracking the attack and collaborating with security firms. It is also evaluating various options to compensate affected users. Syndicate holds sufficient token reserves to assist users who lost SYND.
According to CoinDesk, Kelp DAO’s LayerZero-based cross-chain bridge was attacked, with the attacker withdrawing 116,500 rsETH—worth approximately $292 million at current prices, or roughly 18% of its circulating supply. This incident has become the largest DeFi attack of 2026 to date. In response, Aave, SparkLend, and Fluid have frozen rsETH-related markets, and Lido Finance has suspended new deposits into its earnETH product. Kelp DAO stated it is jointly investigating the incident with LayerZero, auditing firms, and external security experts.
Odaily News On-chain data indicates that Kelp DAO's rsETH bridge protocol based on LayerZero is suspected of being exploited by hackers, resulting in a loss of 116,500 rsETH, valued at approximately $292 million.
Decentralized GPU cloud computing infrastructure platform Aethir confirmed that its Ethereum-related bridge contract was attacked. The team promptly disconnected the affected contract and, in collaboration with major exchanges, blacklisted the hacker’s wallet, limiting losses to under $90,000. Earlier, blockchain security firm PeckShield estimated losses at $400,000. The attacker exploited Aethir’s cross-chain smart contract, AethirOFTAdapter, to transfer stolen funds from BNB Chain to Tron. Aethir stated that its Ethereum mainnet ATH token supply remains unaffected. It plans to release a detailed compensation plan and incident analysis next week and will collaborate with exchanges including Binance, Upbit, and Bithumb to freeze funds. Web3 security platform ZeroShadow is assisting with the investigation. In 2025, Aethir achieved $127.8 million in revenue and deployed over 440,000 GPU containers globally.