Andre Cronje stated most current decentralized finance (DeFi) protocols no longer qualify as "DeFi in the strict sense" and are closer to commercial systems operated by teams. This has sparked industry division over whether "circuit breakers" should be introduced to mitigate attack risks. In an interview, Andre Cronje pointed out that early DeFi centered on immutable smart contracts, but today many protocols rely on upgradeable contracts, multi-signature permissions, off-chain infrastructure, and manual operational processes. In essence, they have transitioned from "immutable public goods" to "operable, for-profit businesses." He noted that against the backdrop of recent security incidents, including DeFi attacks involving approximately $280 million and $293 million, industry risks have expanded from simple smart contract vulnerabilities to "Web2-style risks" such as infrastructure issues, permission controls, and social engineering attacks. Regarding risk management, Cronje's firm Flying Tulip recently introduced circuit breakers that delay or queue withdrawals during abnormal fund outflows, providing an emergency response window of about six hours to prevent systemic bank runs and further losses. However, this mechanism has also sparked controversy. Michael Egorov believes that circuit breakers may introduce new centralized attack surfaces. If controlled by signers or administrators, they could instead become new security vulnerabilities or sources of freezing risk. He emphasized that DeFi design should minimize human intervention rather than increase manual control points. Industry analysts pointed out that this debate essentially reflects how DeFi is shifting from the ideal model of "code is law" toward a practical architecture of "hybrid governance plus operational control," while the security boundaries are being redefined. (Cointelegraph)
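The withdrawal circuit breaker described above, as an added illustration that is not Flying Tulip's code: outflows are tracked over a rolling window, and once they look abnormal, further withdrawals are queued for the roughly six-hour response window instead of being paid out. The one-hour window, the 25% trip threshold, and the pool balance are assumptions constructed for the example; only the six-hour hold comes from the article.

```python
"""Outflow circuit breaker: queue withdrawals for a hold period once outflows look abnormal."""
from collections import deque
from dataclasses import dataclass, field
from typing import Deque, List, Optional, Tuple

HOLD_SECONDS = 6 * 3600   # emergency response window named in the article
WINDOW_SECONDS = 3600     # assumed: outflows are measured over a rolling hour
TRIP_FRACTION = 0.25      # assumed: trip when an hour's outflow exceeds 25% of the balance


@dataclass
class CircuitBreaker:
    balance: float
    recent: Deque[Tuple[float, float]] = field(default_factory=deque)  # (time, amount) paid out
    queued: List[Tuple[float, str, float]] = field(default_factory=list)  # (release, acct, amount)
    tripped_at: Optional[float] = None

    def _outflow_in_window(self, now: float) -> float:
        # Drop payouts older than the window, then sum what remains.
        while self.recent and self.recent[0][0] <= now - WINDOW_SECONDS:
            self.recent.popleft()
        return sum(amount for _, amount in self.recent)

    def withdraw(self, now: float, account: str, amount: float) -> str:
        """Pay out immediately, or queue for HOLD_SECONDS while the breaker is tripped."""
        if amount > self.balance:
            return "rejected"
        if self.tripped_at is not None and now < self.tripped_at + HOLD_SECONDS:
            self.queued.append((now + HOLD_SECONDS, account, amount))
            return "queued"
        if self._outflow_in_window(now) + amount > TRIP_FRACTION * self.balance:
            # Abnormal outflow: trip the breaker and hold this withdrawal too.
            self.tripped_at = now
            self.queued.append((now + HOLD_SECONDS, account, amount))
            return "queued"
        self.balance -= amount
        self.recent.append((now, amount))
        return "executed"

    def release_due(self, now: float) -> List[Tuple[float, str, float]]:
        """Pay out queued withdrawals whose hold has expired; returns what was released."""
        due = [q for q in self.queued if q[0] <= now]
        self.queued = [q for q in self.queued if q[0] > now]
        for _, _account, amount in due:
            self.balance -= amount
        return due
```

The hold gives operators time to cancel queued entries if the outflow turns out to be theft, which is exactly the manual control point the Egorov critique targets.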
According to Cointelegraph, Robinhood users have recently fallen victim to a phishing attack. Attackers exploited Gmail’s feature of ignoring periods (“.”) in email usernames, along with a vulnerability in Robinhood’s account creation process, to register accounts with email addresses highly similar to those of their targets. This enabled them to trick Robinhood’s official email server into delivering spoofed alert emails containing phishing links directly to victims’ inboxes. Cybersecurity researcher Alex Eckelberry noted that these emails pass SPF, DKIM, and DMARC authentication checks and thus appear to originate from Robinhood’s official domain. Robinhood stated that this incident does not involve any breach of its systems or customer accounts, and user funds and personal information remain unaffected. However, the company urges users to delete such emails and avoid clicking any suspicious links.
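One defensive check against the look-alike registration described above, as an added example that is not Robinhood's or Gmail's code: canonicalize addresses before comparing them at sign-up, so that a dotted variant of an existing customer's Gmail address is recognized as the same mailbox. The set of dot-insensitive domains, the handling of "+tag" sub-addresses, and the sample accounts are assumptions constructed for the example.

```python
"""Canonicalize e-mail addresses so look-alike registrations collide with existing accounts."""
from typing import Iterable, Optional

# Providers known to ignore dots in the local part (constructed list; extend as needed).
DOT_INSENSITIVE_DOMAINS = {"gmail.com", "googlemail.com"}


def canonical_email(address: str) -> str:
    """Return a form in which 'j.doe+x@gmail.com' and 'jdoe@gmail.com' compare equal."""
    local, sep, domain = address.strip().lower().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an e-mail address: {address!r}")
    # Assumed: '+tag' sub-addresses are delivered to the same mailbox.
    local = local.split("+", 1)[0]
    if domain in DOT_INSENSITIVE_DOMAINS:
        local = local.replace(".", "")
    return f"{local}@{domain}"


def find_collision(new_address: str, existing_addresses: Iterable[str]) -> Optional[str]:
    """Return the stored address that shares a mailbox with new_address, or None."""
    target = canonical_email(new_address)
    for existing in existing_addresses:
        if canonical_email(existing) == target:
            return existing
    return None


def signup_allowed(new_address: str, existing_addresses: Iterable[str]) -> bool:
    """Refuse a registration whose canonical address already belongs to an account."""
    return find_collision(new_address, existing_addresses) is None
```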
The U.S. Department of Justice (DOJ) announced that a 22-year-old California man, Evan Tangeman, has been sentenced to 70 months (approximately 5 years and 10 months) in prison, followed by 3 years of supervised release, for his involvement in a criminal organization that stole approximately $263 million in crypto assets through social engineering fraud and home invasions. According to court documents, Tangeman pleaded guilty in December 2025, admitting to helping the criminal network launder at least $3.5 million in illicit funds. The criminal group allegedly used the stolen funds for lavish spending, including multi-million dollar nightclub bills, Lamborghini sports cars, and high-end assets like Rolex watches. U.S. District Attorney for the District of Columbia, Jeanine Pirro, stated in a release that the organization "built a criminal system based on nearly absurd greed," emphasizing that Tangeman not only participated in money laundering but also destroyed evidence after his accomplices were arrested, demonstrating clear criminal intent. This sentencing comes as data shows that the crypto industry suffered $482 million in losses from scams and hacks in the first quarter of 2026, with social engineering fraud and physical violent robberies on the rise. (Cointelegraph)
According to Cointelegraph, the widespread adoption of AI is driving up the number of submissions to cryptocurrency industry bug bounty programs—but a flood of low-quality “AI spam” reports has also emerged, placing a heavy triage burden on protocol teams. Barry Plunkett, Co-CEO of Cosmos Labs, stated that submission volume to its platform surged 900% year-on-year, with 20–50 reports received daily; Kadan Stadelmann, CTO of Komodo Platform, likewise noted a marked rise in low-quality and false-positive reports, attributing the root cause primarily to AI’s drastic reduction in the cost of generating reports. Daniel Stenberg, creator of the open-source tool curl, has already shut down his bug bounty program outright after being overwhelmed. In response, industry insiders recommend that teams deploy defensive AI systems to automatically triage reports and adopt stricter submission criteria—reducing the volume of invalid reports and ensuring genuine vulnerabilities receive timely attention.
Odaily News: Privacy protocol Umbra has shut down its hosted frontend website to prevent attackers from using the protocol to transfer stolen funds from a recent security incident. Umbra stated that approximately $800,000 in funds were transferred through its protocol, but the protocol only hides the recipient's identity, and the related transactions can still be tracked on-chain. This measure follows the attack on the Kelp protocol, which resulted in losses exceeding $280 million. Umbra said it will restore frontend services after confirming it does not affect asset recovery efforts, but it cannot prevent users from continuing to use the protocol via smart contracts or self-hosted frontends. (Cointelegraph)
According to Cointelegraph, Admiral Samuel Paparo of the U.S. Navy stated at a hearing before the Senate Armed Services Committee that Bitcoin is a “valuable computer science tool,” and that its proof-of-work technology holds significant applications in cybersecurity—increasing attackers’ costs and enabling the protection of data, information, and command signals, thereby supporting U.S. national security interests. Paparo noted: “Beyond the economic dimension, it has extremely important computer science applications in cybersecurity.” Earlier, in 2023, Jason Lowery of the U.S. Space Force expressed a similar view.
According to Cointelegraph, DefiLlama data shows that there have been 518 hacking incidents in the crypto space over the past decade, resulting in cumulative losses exceeding $1.7 billion. A significant portion of these losses stemmed from private key leaks, phishing attacks, and other credential-based attacks. As smart contract security continues to improve, attackers are increasingly shifting their focus toward wallet security, signature infrastructure, development tools, and user operations. Recently, Kelp DAO’s rsETH cross-chain bridge was attacked, with approximately 116,500 rsETH tokens stolen—valued at roughly $290–293 million at the time of the incident.
According to Cointelegraph, stablecoin issuer Circle faces a class-action lawsuit in the U.S. District Court for the District of Massachusetts for failing to freeze stolen funds during the Drift Protocol hack on April 1. Plaintiffs allege that attackers transferred approximately $230 million worth of USDC from Solana to Ethereum via Circle’s cross-chain transfer protocol (CCTP) within hours—and that Circle failed to intervene. The lawsuit accuses Circle of aiding and abetting conversion and of negligence. Cryptocurrency analytics firm Elliptic previously suspected the attack may be linked to North Korea–backed hackers; the stolen funds were subsequently converted into ETH and laundered through Tornado Cash.
According to Cointelegraph, Jean-Didier Berger, representative of France’s Minister of the Interior, stated at Paris Blockchain Week that France is preparing new measures to protect cryptocurrency holders. He revealed that authorities have launched a preventive platform, which has already attracted thousands of registrants, and are jointly developing a more robust response plan with Interior Minister Laurent Nuñez—expected to be implemented within the coming weeks. Against this backdrop, 41 crypto-related kidnappings have occurred in France in 2026—averaging one every 2.5 days. Globally, such “wrench attacks” rose 75% year-on-year in 2025, with France being the most severely affected country worldwide, accounting for approximately 40% of all such incidents in Europe.
According to Cointelegraph, Cypherpunk Jameson Lopp and several other Bitcoin quantum-security experts have proposed Bitcoin Improvement Proposal BIP-361, recommending the freezing of quantum-vulnerable addresses—including the Satoshi Nakamoto reserve—to prevent future quantum computers from stealing approximately 1.7 million bitcoins. The proposal proceeds in three phases: first, prohibiting transfers to legacy addresses; second, invalidating legacy signatures and freezing unmigrated assets after five years; and third, enabling some users to recover frozen funds via zero-knowledge proof mechanisms. The proposal aims to drive the entire network’s migration to quantum-resistant addresses, but has drawn opposition from some community members who argue it violates Bitcoin’s decentralization principles and carries authoritarian and confiscatory characteristics.
According to Cointelegraph, Hacken, a blockchain security firm, released its Q1 2026 report revealing that Web3 projects suffered $464.5 million in losses due to hacking and scams during the quarter. Phishing and social engineering attacks accounted for $306 million—making them the primary source of losses. A hardware wallet scam in January alone caused $282 million in losses, representing 81% of the quarter’s total losses. Smart contract vulnerabilities led to $86.2 million in losses, while failures in access control—including compromised private keys and cloud services—resulted in $71.9 million in losses. The report notes that the largest security incidents predominantly occurred in off-chain operations and infrastructure layers—areas typically beyond the scope of traditional audits. Europe’s regulatory frameworks, MiCA and DORA, are increasingly imposing stricter requirements on security monitoring and incident response, and global regulators are also raising standards for real-time monitoring and emergency response.
According to Cointelegraph, researchers from the University of California recently revealed security risks in certain third-party AI large language model (LLM) routers that could lead to the theft of cryptocurrency assets. The study found that LLM routers—acting as API intermediaries—can read plaintext information; some routers were discovered injecting malicious code and stealing credentials. The research team tested 28 paid and 400 free routers, identifying nine routers that actively injected malicious code, two that deployed trigger-avoidance mechanisms, and 17 that accessed Amazon Web Services (AWS) credentials. One router even transferred ETH using the researchers’ Ethereum private key. The study notes that malicious behavior by routers is difficult to detect, and the “YOLO mode” present in some AI agent frameworks—which automatically executes commands—further increases security risks. Researchers recommend that developers avoid transmitting private keys or mnemonic phrases through AI agents and urge AI companies to implement cryptographic signing of responses to enhance security.
According to Cointelegraph, the joint U.S., U.K., and Canadian law enforcement operation “Operation Atlantic” concluded in March this year, led by the U.K.’s National Crime Agency (NCA). The operation froze over $12 million in assets suspected to be proceeds of fraud, identified more than 20,000 victims, and involved total fraud losses exceeding $45 million. The operation focused on authorized phishing attacks—a scam technique that tricks users into signing malicious authorizations, thereby granting attackers permission to transfer tokens from their wallets. Binance participated in the operation, providing account screening and fraud intelligence support; however, no funds were frozen from its platform.