News linked to both this project and an event.
Odaily Zcash founder Zooko Wilcox posted on X stating that a security audit conducted by Anthropic's Claude Mythos AI model did not find any "more severe vulnerabilities" in the Zcash protocol. The audit was commissioned by Shielded Labs, a Swiss non-profit organization supporting Zcash development. On June 3, Zcash developers temporarily paused Orchard transactions after discovering a vulnerability in the shielded pool, restoring functionality through an emergency upgrade the same day. The issue stemmed from a four-year-old forging vulnerability in the Orchard shielded pool, identified by security researcher Taylor Hornby with the assistance of Anthropic's Claude Opus 4.8 model. The Zcash Foundation stated there is no evidence that the vulnerability was exploited, nor was any unauthorized value creation detected, and user privacy remained unaffected.Anthropic released the first public version of the Claude Mythos model, Fable 5, on Tuesday, and stated on Friday that it has suspended access to the Fable 5 and Mythos 5 AI models due to export control directives issued by the U.S. government citing national security concerns. (Cointelegraph)
According to Cointelegraph, Zcash founder Zooko Wilcox stated that a security audit of the Zcash protocol—commissioned by Shielded Labs and conducted using Anthropic’s Mythos AI model—did not uncover any new critical vulnerabilities. Previously, security researcher Taylor Hornby discovered, using Claude Opus 4.8, a four-year-old forgery vulnerability in the Orchard shielded pool, prompting developers to urgently suspend Orchard transactions on June 3 and complete the fix the same day. The Zcash Foundation confirmed there is no evidence the vulnerability was ever exploited, and user privacy remained unaffected.
law enforcement agencies from 11 countries have jointly shut down the money laundering network AudiA6, which processed over 336 million euros in illicit funds between 2022 and 2025. On June 10, law enforcement arrested two administrators of Russian and Ukrainian nationality in Georgia, seized 25 domain names, over 30 servers, and 80 vehicles, and froze approximately 778,000 euros in cryptocurrency. Operating as a "mixer-as-a-service," AudiA6 provided services to cybercriminals involved in ransomware attacks, helping them cash out crypto assets and conceal the flow of funds, charging commissions of 3% to 10% and claiming to complete the "cleaning" process within about an hour.Since 2021, the AudiA6 wallet has received approximately 10,333 BTC, valued at around $389 million at the time of the transactions. The investigation also revealed that the money laundering network used thousands of fake accounts created with stolen or purchased identities, involving over 6,000 KYC records; many of these accounts were linked to Russian-speaking intermediaries and were used to transfer criminal proceeds through cryptocurrency exchanges. The clearnet and darknet domains of AudiA6 and Dark2Web have been replaced with seizure banners. (Cointelegraph)
Humanity released a post-mortem report on the H token security incident that occurred between June 8 and 9, stating that the incident was not caused by a smart contract vulnerability, but rather by a malware intrusion into a developer's device, which led to the leakage of private keys. Humanity stated that the attacker still holds the ProxyAdmin permissions for the ETH bridge and the BNB Chain token. Preliminary investigations confirmed that a colleague's device was infected with malware, which the attacker used to obtain the hot wallet private key of the administrator and the private keys for signing on 6 Gnosis Safe wallets. The team has hired an external security agency to conduct a forensic investigation and stated that they are formulating a recovery plan for affected users.
Humanity released an incident update stating that its H token was subject to a coordinated attack on Ethereum and BSC on the evening of June 8, resulting in approximately $36 million worth of tokens stolen and dumped across both chains. The project disclosed that the attack originated from a compromised employee laptop, which led to the leakage of multiple owner keys for the Gnosis Safe controlling the Hyperlane bridge ProxyAdmin. On Ethereum, the attacker seized ownership of the ProxyAdmin and upgraded the contract to a malicious implementation, transferring approximately 141.2 million H tokens in a single transaction. On BSC, after similarly gaining control of the ProxyAdmin, the attacker deployed a malicious implementation with infinite minting capabilities, minting 200 million H tokens in two transactions and continuously dumping them. Humanity has suspended deposits and withdrawals on the affected cross-chain bridge and is cooperating with exchanges and law enforcement to investigate the incident and seek partial recovery of the stolen funds.
Odaily News, June 9th — BitMEX co-founder Arthur Hayes stated in his latest article "Reality Test" that if oil prices continue to rise due to the US-Iran conflict, it could trigger a collapse of the AI stock bubble and drag the entire crypto market down.Hayes said that if traffic restrictions in the Strait of Hormuz persist deep into the second quarter, spot prices for hydrocarbons and other key commodities could rise in the third quarter. If oil prices continue to climb and inflationary pressures impact the US midterm elections, Trump might pivot to a tough stance targeting data center construction, AI regulation, and taxation. Hayes believes the market could anticipate Trump limiting AI capital expenditure and taxing AI companies, thereby triggering the burst of the AI stock bubble.Hayes also noted that since November 2022, the scale of AI-related debt issuance has been approximately $1.5 trillion, and US M2 has increased by roughly the same amount during the same period. He believes the three factors that could pop the AI bubble include rising energy costs, the market's inability to absorb three major AI-related IPOs — namely SpaceX, Anthropic, and OpenAI — and Trump's shift to opposing AI. In terms of portfolio, Hayes stated that Maelstrom's stock portfolio holds significant positions in US-listed energy producers; he has sold AI-related stocks and offloaded non-core crypto assets, having dumped HYPE, NEAR, and WLD last week, as well as selling ZEC due to the Orchard Pool vulnerability. He still holds Bitcoin and ETH and will execute tactical short trades via derivatives.
Odaily Seer monitoring shows that Polymarket has launched a new prediction event titled "Was Zcash's Orchard privacy pool confirmed to have been exploited?"On June 4, Zcash's core development team revealed that they had deployed an emergency network upgrade to fix a critical cryptographic vulnerability in the Orchard privacy pool. This flaw could have potentially allowed a malicious attacker to arbitrarily forge unlimited amounts of ZEC. Due to the vulnerability's characteristic that "it is impossible to cryptographically prove whether it was exploited in the past," independent support organization Shielded Labs subsequently proposed on June 5 to deploy a new privacy pool during the NU7 upgrade at the end of July. They also suggested implementing strict "Turnstile-accounting" audits for tokens exiting Orchard to investigate whether any forged tokens exist. According to the settlement rules for this prediction event, if before December 31, 2026, official sources or mainstream credible media confirm that the vulnerability was effectively exploited on the mainnet before being patched, the event will settle as YES.Odaily Seer continues to monitor prediction markets, seeing changes before pricing.
According to monitoring by Specter, 13 wallets belonging to a rETH holder were attacked on June 5, resulting in cumulative losses of approximately $4.5 million in assets. However, the victim detected the issue in time before the attacker could further transfer funds and successfully moved about $4.7 million in remaining assets. It is reported that these wallets had been inactive for years. The attacker has now begun laundering the stolen funds.
on May 29, 2026, Taylor Hornby discovered a critical counterfeiting vulnerability in Zcash's Orchard pool. Taylor Hornby reported the vulnerability to the Zcash Open Development Lab, and after coordinated efforts, a fix was completed on June 2. The vulnerability could have been exploited to secretly create an unlimited number of counterfeit ZEC within Zcash Orchard. Due to the privacy features of Orchard, it is cryptographically impossible to determine whether the vulnerability was exploited before the fix was deployed.The vulnerability had existed since Orchard's activation in May 2022 until an emergency fix was deployed on June 1, 2026. Taylor Hornby, with the assistance of AI tools, wrote a complete exploit program and generated an infinite, undetectable amount of counterfeit ZEC in a local test environment. Shielded Labs is currently collaborating with other Zcash developers to explore network upgrade proposals that would allow anyone to verify the integrity of Zcash's supply.
According to Drift’s official announcement, the Drift Protocol released its latest recovery update on June 3, 2026. An independent forensic investigation conducted by cybersecurity firm Mandiant has confirmed that the prior attack against Drift was carried out by the North Korean threat group UNC6862, whose tactics closely align with those historically employed by North Korean state-sponsored hacking operations. On the rebuilding front, Drift announced the appointment of Noah Prince—former Engineering Lead of the Helium Protocol—as Protocol Lead, who will spearhead codebase hardening and platform security architecture redesign. Additionally, former members of the Gauntlet team have been brought on board to conduct margin engine reviews, optimize funding rates and market parameters, enhance liquidation mechanisms, and implement continuous risk monitoring. Drift plans to relaunch with “security-first” as its core principle, repositioning itself as Solana’s largest USDT-perpetuals exchange. With support from strategic partners including Tether, Drift will establish a dedicated recovery pool funded by platform revenues to compensate users for losses. Further details regarding the recovery mechanism and timeline will be disclosed progressively.
According to Cryptopolitan, Adam Iza—a 25-year-old cryptocurrency entrepreneur from California, nicknamed “The Godfather”—formally pleaded guilty on June 1 to orchestrating the kidnapping of a couple from Connecticut. The incident stemmed from the couple’s son, Veer Chetal, who allegedly stole 4,100 bitcoins (valued at approximately $245 million) via social engineering. In response, Iza planned to kidnap Chetal’s parents to recover the stolen funds. On August 25, 2024, the criminal group staged a rear-end collision near Danbury High School, forcibly abducted the victims, and assaulted them. However, the operation quickly unraveled after multiple witnesses called the police and nearby FBI agents intervened; all six participants were apprehended and have since pleaded guilty. Additionally, in a separate case in California, Iza also pleaded guilty to charges including wire fraud, tax evasion, and directing law enforcement officers to conduct illegal surveillance for extortion purposes. California prosecutors are separately seeking a 35-year prison sentence.
edgeX issued a statement regarding the abnormal price fluctuation of $EDGE on June 2, 2026, at midnight, clarifying that this incident was an attack targeting the $EDGE token’s price. The edgeX protocol remained fully operational throughout, and user assets were secure at all times. The team’s wallet address is verifiable on-chain and shows no evidence of selling, price manipulation, or any other improper activity.
: According to an official announcement, on June 3, Trust Wallet announced a partnership with BNB Chain and CoinMarketCap to officially launch the "BNB Hack: AI Trading Agents" hackathon, featuring a total prize pool of $36,000. The Trust Wallet Agent Kit serves as the core on-chain execution technology stack for this event. This hackathon also marks the first time the Trust Wallet Agent Kit has been fully integrated as a core infrastructure component into a top-tier AI Agent hackathon system.The hackathon features two main tracks: "Autonomous Trading Agents" (prize pool $24,000, 5 winners) and "Strategy Skills" (prize pool $6,000, 3 winners), in addition to three partner special awards of $2,000 each. In the "Autonomous Trading Agents" track, participants must leverage the Trust Wallet Agent Kit to achieve local self-custodial signing, autonomous mode operation, and on-chain trade execution, deployed within native BNB Chain scenarios such as PancakeSwap and BSC Perpetual Contracts. The "Strategy Skills" track does not require an execution layer; participants build backtestable strategy proposals based on 12 categories of data tools from CoinMarketCap MCP, including market data, technical indicators, on-chain data, sentiment, and news.Track one uses real PnL as the core evaluation criterion, setting a maximum drawdown limit as the risk control threshold. Track two is comprehensively scored by a judging panel across four dimensions: technical execution, originality, real-world value, and presentation. The build window runs from June 3 to June 21, the trading window from June 22 to June 28, and winners will be announced during the week of July 6. In addition to cash prizes, winning teams will receive CoinMarketCap Pro API subscription credits, mentorship from CMC Labs, and the BNB Chain Kickstart ecosystem support package.
OpenAI has confirmed a supply chain attack targeting a malicious TanStack NPM package in its internal environment, infecting two employees' devices. While user data and core code were not affected, the attackers stole access credentials for some internal code repositories, including code signing certificates used for iOS, macOS, and Windows products.To prevent hackers from exploiting the stolen certificates to distribute counterfeit applications, OpenAI has initiated defensive certificate rotation and announced that all macOS users of ChatGPT desktop, Codex, and Atlas browsers must upgrade to the latest version by June 12, 2026. After this deadline, old certificates will be revoked, and system-level blocks will prevent the launch of older versions and new installations.OpenAI stated that the company had previously deployed stricter code package blocking policies, but the infected devices had not yet synchronized the latest configuration, allowing the malicious component to successfully infiltrate. Currently, the iOS and Windows clients are unaffected, and core data such as user account passwords and API keys have been confirmed secure.
According to Cointelegraph, a New York judge has postponed the hearing on Aave’s emergency motion to unfreeze approximately $71 million worth of ETH and ordered Aave and Gerstein Harrow LLP to submit additional case briefs. A new hearing is scheduled for June 5. The court noted that Aave previously failed to adequately explain why users’ funds would suffer “derivative losses” if the restraining order remained in effect. The assets in question are linked to the Kelp DAO hack, which involved approximately $293 million and was previously frozen by Arbitrum. The judge also directed both parties to further clarify several legal issues, including the applicable law governing the hacker’s transactions, the legal distinction between fraud and theft, the priority ranking of creditors’ claims, the applicability of constructive trust, and whether assets can be proportionally returned to victims.
OpenAI has officially launched the GPT-5.5-Cyber model and the "Trusted Access for Cyber" (TAC) framework designed for cybersecurity defenders. Simultaneously, GPT-5.5-Cyber has been opened for a limited preview to defenders responsible for critical infrastructure, supporting specialized cybersecurity workflows.TAC is an identity and trust-based framework aimed at ensuring that enhanced AI capabilities are wielded by verified defenders. Defenders verified through this framework will encounter fewer instances of model refusal when performing tasks such as vulnerability identification, triage, malware analysis, binary reverse engineering, and patch verification. Starting from June 1, 2026, individual members accessing this capability will be required to enable advanced account security protection.OpenAI is currently collaborating with security vendors including Cisco, CrowdStrike, and Palo Alto Networks to accelerate the defense cycle of the security ecosystem through GPT-5.5, enhancing the efficiency of vulnerability research, patching, monitoring, and supply chain security.
According to SolanaFloor, Minhdonz, Product Lead of Drift, announced on the project’s official Discord that Drift has recently updated its relaunch timeline and plans to reintroduce its forked exchange in May or June this year. Previously, Drift suffered a severe hack involving approximately $285 million—reportedly linked to a social engineering attack by a North Korean hacker group.
Odaily News According to public records from the New York Criminal Court, Believe founder Benjamin Pasternak was arrested on suspicion of second-degree strangulation and assault, with a court appearance scheduled for June 11. He was previously accused of involvement in a token exit scam scheme involving millions of dollars. The platform's native token BELIEVE is currently trading at approximately $0.00075, down over 99% from its all-time high of $0.3569 set in May 2025.
Odaily Seer Channel monitoring shows that Polymarket has launched a new market: "When will the next cryptocurrency hack exceeding $100 million in losses occur". This market primarily references the Rekt News leaderboard as the adjudication source, and can also use publicly recognized reliable reports as a basis. Currently, this prediction market has set four time nodes: April 30, June 30, September 30, and December 31.The event contract rules are: This is a market regarding whether any crypto project or exchange suffers an attack or hack valued at a minimum of $100 million equivalent between the market creation and 11:59 PM Eastern Time on the date specified in the title. Otherwise, this market will ultimately resolve to "No". Hacks on decentralized exchanges and lending protocols will be counted.Odaily Seer Channel continues to monitor prediction markets, seeing changes before they are priced in.