News linked to both this project and an event.
SlowMist released a technical analysis stating that the deprecated Aztec Connect RollupProcessor contract was attacked due to a settlement boundary bypass vulnerability, resulting in approximately $2.19 million worth of assets being stolen from the protocol.
Odaily Seer monitoring shows that Polymarket has launched a new prediction event titled "Was Zcash's Orchard privacy pool confirmed to have been exploited?"On June 4, Zcash's core development team revealed that they had deployed an emergency network upgrade to fix a critical cryptographic vulnerability in the Orchard privacy pool. This flaw could have potentially allowed a malicious attacker to arbitrarily forge unlimited amounts of ZEC. Due to the vulnerability's characteristic that "it is impossible to cryptographically prove whether it was exploited in the past," independent support organization Shielded Labs subsequently proposed on June 5 to deploy a new privacy pool during the NU7 upgrade at the end of July. They also suggested implementing strict "Turnstile-accounting" audits for tokens exiting Orchard to investigate whether any forged tokens exist. According to the settlement rules for this prediction event, if before December 31, 2026, official sources or mainstream credible media confirm that the vulnerability was effectively exploited on the mainnet before being patched, the event will settle as YES.Odaily Seer continues to monitor prediction markets, seeing changes before pricing.
Syscoin released a preliminary post-mortem of the cross-chain bridge incident, stating that due to a verification issue in the bridging process, the attacker exploited an abnormal transaction proof validation to generate approximately 5 billion SYS tokens abnormally on the UTXO side via the affected bridging path.
According to the THORChain blog, ZEC is in the queue for launch on THORChain. However, due to a recent vulnerability disclosed in Zcash—whose existing patch impacts integrators’ normal operations—THORChain must first complete a minor code modification to its Bifrost module before proceeding. The development team stated that the change is minimal but must be completed prior to ZEC’s launch. Monero (XMR) is currently expected to launch by the end of this month, with ZEC scheduled to follow.
Arthur Hayes (@CryptoHayes), co-founder of BitMEX and CIO of Maelstrom Fund, stated in a post that he has liquidated his entire $ZEC position following a vulnerability exploit targeting ZEC’s Orchard Pool. Hayes noted that although malicious minting is highly unlikely, it cannot be cryptographically proven impossible; privacy narratives demand “perfection,” not merely “probable security.” He added that if the underlying assumptions are later falsified, he does not rule out repurchasing $ZEC at a lower price. His team continues to hold a $WLD position and maintains a bullish stance.
on May 29, 2026, Taylor Hornby discovered a critical counterfeiting vulnerability in Zcash's Orchard pool. Taylor Hornby reported the vulnerability to the Zcash Open Development Lab, and after coordinated efforts, a fix was completed on June 2. The vulnerability could have been exploited to secretly create an unlimited number of counterfeit ZEC within Zcash Orchard. Due to the privacy features of Orchard, it is cryptographically impossible to determine whether the vulnerability was exploited before the fix was deployed.The vulnerability had existed since Orchard's activation in May 2022 until an emergency fix was deployed on June 1, 2026. Taylor Hornby, with the assistance of AI tools, wrote a complete exploit program and generated an infinite, undetectable amount of counterfeit ZEC in a local test environment. Shielded Labs is currently collaborating with other Zcash developers to explore network upgrade proposals that would allow anyone to verify the integrity of Zcash's supply.
edgeX released the latest statement on the abnormal price volatility of the EDGE token, stating that the protocol has not been attacked in any form, and that this incident was not caused by a hacker attack, exploit, or security vulnerability.edgeX stated that currently available information indicates this abnormal volatility was caused by certain external parties deliberately manipulating the market price of EDGE. This is a matter of market integrity, not a platform security issue.The team stated that it is actively cooperating with relevant exchanges and partner platforms in the investigation. A more comprehensive incident report will be published after the investigation is complete.
Syndicate Labs stated that after five years of developing on-chain infrastructure for customizable Ethereum Rollups and sequencers, the company has decided to shut down due to a drastic contraction in the Rollup market. Syndicate Labs previously completed a $20 million Series A funding round led by Andreessen Horowitz in 2021.This decision caused the SYND token price to drop 21% in the past three hours, hitting an all-time low of $0.012, a 99.5% decline from its peak of $2.61 in September 2025.Additionally, Syndicate Labs stated that the Syndicate Network Collective operates independently of Syndicate Labs, so the governance of the SYND token will not be immediately affected. The decision to shut down was not influenced by the previous hacking incident involving bridged assets.
Curvance posted on platform X, stating that at approximately 6:00 PM EST today (Beijing time), it noticed an anomaly in the Echo eBTC market on the Curvance platform. Currently, there are no indications that the Curvance smart contract has been attacked or compromised. Due to its fully isolated market architecture, other markets remain unaffected. As a precautionary measure, the team has suspended the affected market and is investigating the cause of the incident together with ecosystem partners. Further updates will be announced as more information becomes available.
Odaily Odaily, THORChain posted on platform X that its developers have released an incident update on Discord. Current evidence points to a node thor16uc...cn84q, which recently joined the network, as being associated with the attack. This node is operated by a single malicious actor. The primary hypothesis is that the attacker exploited a vulnerability in the GG20 TSS implementation, causing sensitive key material of vault participants to leak over time. This ultimately enabled the reconstruction of the vault's private key and the execution of unauthorized outgoing transactions.Regarding network status, the network has been paused after multiple node operators executed `make pause`. RUNE transfers and on-chain observation may resume within approximately 12 hours, but transactions, LP operations, signing, and other sensitive operations remain paused.Discussed recovery plans include slashing the affected node's bond, covering losses with protocol-owned liquidity (POL), or other community-driven solutions. THORSec and Outrider Analytics are continuing their investigation. The Treasury is gathering forensic data and coordinating with relevant law enforcement agencies. Full functional recovery is expected to take several days or longer.
Ranger Finance co-founder cobra stated that Ranger Finance is winding down operations. Some personnel and vendors who collaborated with, built, and supported the project have not received full payment. He explained that during periods of cash shortage, the founders personally injected funds to keep operations running and advanced fundraising efforts within MetaDAO; however, the delayed fundraising led to an accumulation of unpaid bills. After the fundraising was completed, the project only secured approximately two months of runway before the funds were returned. Ranger Finance noted that treasury liquidation exceeded expectations, negatively impacting employees, vendors, and growth budgets. Subsequently, the Drift vulnerability further hampered project progress. Vault users affected by the Drift vulnerability will receive recovered tokens when distributed by the Drift team.
According to Cointelegraph, DeFi protocol Aave filed an emergency motion in New York on Monday seeking to vacate a restraining notice issued by U.S. law firm Gerstein Harrow LLP, which prevents the Arbitrum DAO from transferring 30,766 ETH to victims of the Kelp exploit. Gerstein Harrow LLP served the restraining notice on the Arbitrum DAO last Friday, asserting that its client is entitled to over $877 million in damages under a default judgment against North Korea. The firm claims that the North Korean hacking group behind the April 18 Kelp exploit previously held these tokens and that its client therefore holds a legal claim to the relevant ETH.
According to CertiK, Syndicate Protocol suffered an exploit due to a security breach in the Commons cross-chain bridge. The attacker exploited the vulnerability to acquire approximately 18.5 million SYND tokens, which were subsequently sold for roughly $330,000. The related funds have already been transferred to the Ethereum network via the cross-chain bridge. Syndicate’s official response states that it is investigating the security incident involving the Commons bridge. The team is tracking the attack and collaborating with security firms. It is also evaluating various options to compensate affected users. Syndicate holds sufficient token reserves to assist users who lost SYND.
According to on-chain analyst PeckShield (@PeckShieldAlert), a user’s Alchemix Yearn yvVault position (token $yvWETH) was attacked, resulting in an estimated loss of approximately $1 million. The root cause of the attack lies in the user’s prior approval grant to an unverified contract (contract address: 0x143a), deployed 10 days ago. Reverse-engineering analysis revealed that this contract contains a vulnerability enabling arbitrary call execution. Exploiting this vulnerability, the attacker successfully transferred the victim’s yvVault position. PeckShield has now publicly disclosed the specific logic of this vulnerability. Users are advised to review and revoke token approvals granted to unknown or unverified contracts to mitigate asset risks.
Currently, the LayerZero Labs DVN has resumed operations and announced that it will no longer sign or verify messages for applications still using the 1/1 configuration. LayerZero has collaborated with multiple law enforcement agencies worldwide and is actively assisting in tracking the stolen funds.
According to on-chain analytics platform Lookonchain (@lookonchain), an OTC whale previously purchased 163,405 ETH (approximately $440 million) and 4,000 cbBTC (approximately $296 million). Due to the KelpDAO rsETH cross-chain bridge vulnerability, this whale was unable to withdraw ETH normally from Aave and was forced to discount-swap 7,438 aEthWETH (approximately $16.83 million) for 1,930 stETH and 5,272 ETH, incurring a loss of approximately 237 ETH (about $540,000). The whale has since withdrawn 98,032 wstETH (approximately $272 million) and 3,000 cbBTC (approximately $221.6 million) from Aave, leaving 10,000 ETH (approximately $22.8 million) still deposited in Aave.
Odaily News France has become a hotspot for wrench attacks, with at least 41 cryptocurrency-related kidnappings and home invasions reported this year, averaging one incident every 2.5 days. Jean-Didier Berger, the Deputy Minister of the Interior, stated that a series of new measures are being prepared with Interior Minister Laurent Nuñez to address this issue.A wrench attack refers to the use of physical violence to force victims to transfer crypto assets. Data from Certik and Jameson Lopp shows that globally, there were 72 verified cases of physical coercion in 2025, a 75% year-on-year increase, with cases involving physical assaults rising by 250%. Ledger co-founder David Balland was kidnapped in France in January 2025. Security researchers point out that attackers are shifting from targeting wallets to hunting individuals, using social media and leaked data to identify targets. Due to the irreversible nature of crypto transactions, attackers often convert illicit proceeds into stablecoins and transfer them across chains to evade tracking. Experts recommend using tools such as multi-signature wallets, withdrawal delays, and spending limits to reduce the risk of attack.
According to a post by Lido, the Lido Earn team is aware of the developments regarding the Kelp DAO exploit, and earnETH has exposure to rsETH. As a precautionary measure, additional deposits to earnETH have been paused while the situation is being assessed with relevant partners. More details will be announced later.
According to The Block, Circle CEO Jeremy Allaire responded at a press conference in Seoul, South Korea, to criticism over Circle’s decision not to freeze the stolen USDC involved in the Drift incident. He stated that Circle fulfills its legal obligations and freezes wallets only upon instruction from law enforcement agencies or courts; unilaterally freezing assets would constitute a “major ethical dilemma.” He also revealed that Circle is engaging with U.S. legislative bodies regarding the Clarity Act, seeking to establish a “safe harbor” mechanism for stablecoin issuers in extreme circumstances—but emphasized that any such authority must be explicitly granted through legislation, not exercised unilaterally by the company.
According to The Block, U.S. musician Garrett Dutton (stage name G. Love) lost 5.9 BTC—worth approximately $420,000—after downloading and using a counterfeit Ledger wallet app from the App Store and entering his recovery phrase. On-chain analyst ZachXBT discovered that the attacker laundered the stolen Bitcoin via the KuCoin platform. This incident once again exposes the security risks posed by fake wallet apps, reminding users to exercise heightened caution when downloading and using cryptocurrency-related applications, and to avoid entering sensitive information through unofficial channels.