News linked to both this project and an event.
The U.S. government's export controls and access restrictions on Anthropic's models, Fable 5 / Mythos 5, were partly driven by Amazon's cybersecurity research and AWS CEO Andy Jassy's communications with the White House. It is understood that research submitted by Amazon indicated that through a series of prompt tests, researchers could induce Fable 5 to output sensitive information potentially usable for cyberattacks, raising security concerns. Subsequently, Andy Jassy reported these findings to the U.S. government, prompting the White House to implement further restrictions, including banning foreign users from accessing the model. Meanwhile, former U.S. Commerce Department official Kate Koren revealed that the White House's existing policy stance towards Anthropic may have also influenced this decision. This is because Anthropic has disagreements with the White House over the boundaries of AI safety, including refusing to use its models for mass surveillance or lethal autonomous weapons systems. Although the two sides had eased tensions and expanded cooperation earlier this year, this incident could reignite strained relations between them. (The Wall Street Journal)
Humility Protocol released a security incident update on the X platform, stating that its H token suffered a coordinated attack on the Ethereum and BSC chains yesterday, with confirmed losses exceeding $36 million in stolen and dumped assets. Preliminary investigations indicate the incident originated from a compromised employee computer, which led to the leakage of private keys for the multi-signature wallet controlling the Hyperlane Bridge ProxyAdmin. Specifically, the attacker obtained 3 out of 6 private keys of the Gnosis Safe wallet on the Ethereum chain, transferred ownership of the ProxyAdmin to a wallet under their control, upgraded the bridge contract to a malicious implementation, and subsequently transferred approximately 141.2 million H tokens in a single transaction. Simultaneously, the attacker also gained control of 3 out of 5 private keys of the Safe wallet on the BSC chain, took over the ProxyAdmin using the same method, deployed a malicious contract with unlimited minting functionality, and minted 200 million H tokens in two separate transactions to their own wallet. Humility stated that it has suspended all deposit and withdrawal operations on the affected bridge services and is collaborating with partners such as exchanges to mitigate losses. Meanwhile, it is cooperating with the police investigation and attempting to recover part of the stolen funds.
According to monitoring by on-chain analyst Ember, the "private key leak" has allowed the minting and dumping of H to continue for 13 hours. The so-called "hacker" is still able to mint H on the BSC chain and sell it off, draining every last cent from the pools. The "hacker" has minted 300 million H and sold a total of approximately 450 million H, cashing out $34 million (ETH+BNB). The H pool on BSC has been drained to just $13 in liquidity, and the price of H has plummeted 99.9% to $0.0009. Meanwhile, the perpetual contract price on CEX stands at $0.09, a 100x difference. In essence, they have de-pegged into two unrelated tokens.
Web3 security company Immunefi's latest "2026 Ecosystem Vulnerability Audit Report" shows that losses from DeFi protocol hacks have fallen 74% from a peak of $2.62 billion in 2022 to approximately $680.3 million in 2025. The report notes that the median loss per individual attack has also significantly decreased, from $6 million in 2022 to $1.5 million in 2025, reflecting an overall improvement in security standards. Meanwhile, the share of bridge exploits in total DeFi losses has dropped sharply from 73% in 2022 to 3% in 2025, and the proportion of flash loan attacks has fallen from 54% to less than 1%. The proportion of risks at the infrastructure level (such as private key leaks and database attacks) also decreased from 30.7% in 2022 to 10.3% in 2025. Immunefi stated that this reflects continuous optimization in oracle design, reentrancy attack protection, and access control standards, making the DeFi ecosystem "generally becoming safer." However, the report also notes that losses slightly rebounded to $680.3 million in 2025, primarily due to increased complexity in multi-chain systems and a few high-severity incidents. At the same time, the number of independent security incidents continues to rise, indicating the attack surface is still expanding. (The Block)
According to Odaily, THORChain has issued an emergency announcement stating that after discovering a suspected breach of an Asgard vault, the network has suspended trading operations to respond to the security incident. Preliminary information indicates that user funds remain unaffected, with losses primarily concentrated on the protocol's own capital. The official statement noted that the system automatically detected anomalous behavior and halted signing operations, thereby alerting the community and preventing further asset outflow. The investigation is currently ongoing to determine the root cause of the vulnerability and the full scope of the impact. Known information indicates that this incident involves one of the six Asgard vaults, with estimated losses of approximately $10.7 million. Meanwhile, staked RUNE on the affected nodes has been slashed due to a penalty mechanism triggered by unauthorized outgoing transactions. The network has paused churn operations and delayed the launch of new chains and related features until system stability is restored. THORChain stated that no user cross-chain transactions have been affected so far and has requested node operators to thoroughly inspect their infrastructure, secure key management, and anomalous behavior, and to submit relevant logs to assist the investigation.
Ronghui Gu, co-founder and CEO of CertiK, stated that AI tools are exacerbating the imbalance between attack and defense in DeFi security, making it easier for attackers to discover vulnerabilities and replicate attack paths across different protocols. He pointed out that the DeFi security situation was particularly severe in April of this year, with only 3 days that month free from hacker attacks, resulting in cumulative losses exceeding $690 million for DeFi protocols. Excluding the Bybit attack in February 2025, April has become the month with the highest losses from DeFi hacks since March 2022. Ronghui Gu believes that attackers can concentrate significant computing power to repeatedly test a single protocol, whereas security companies need to serve multiple clients simultaneously with dispersed resources, putting the defense side at a natural disadvantage. Meanwhile, the focus of recent attacks is also shifting from smart contract vulnerabilities to operational security and weak points in the supply chain. He emphasized that even if AI fails to find vulnerabilities over an extended period, it does not prove the code is completely secure; under current technical conditions, formal verification remains a more reliable method for ensuring security.
Odaily News Gate Research recently released its "April 2026 Cryptocurrency Market Review" report, indicating that the overall cryptocurrency market saw a volatile upward trend in April, with total market capitalization significantly higher than in March. BTC and ETH ETF trading volumes maintained high volatility overall. The report shows continued divergence in activity across major public chain ecosystems. Solana's daily transaction volume remained in the range of approximately 90 million to 110 million transactions, maintaining its leading position. Regarding trending sectors, the report notes that Pokemon TCG RWA has become one of the fastest-growing on-chain RWA sub-sectors, entering a second explosive growth phase in April. Major trading platforms saw monthly trading volumes exceed $220 million, with weekly revenue briefly approaching $6 million, setting new historical records. Meanwhile, Aave experienced its most severe liquidity crisis ever in April, with TVL outflows reaching tens of billions of dollars within a few days and net outflows exceeding $9 billion for the entire month. In terms of fundraising and security incidents, the Web3 industry completed 51 financing rounds in April, totaling approximately $834 million, with capital further concentrating on leading financial and infrastructure tracks. Among these, Payward ranked first for the month with a $200 million financing round. On the security front, Web3 security incidents in April resulted in losses of approximately $306 million, a month-over-month increase of about 858%, primarily driven by a single cross-chain infrastructure attack on Kelp DAO worth approximately $293 million. The report suggests that against the backdrop of a recovering market, on-chain activity and capital liquidity are both increasing simultaneously. However, the security risks associated with cross-chain infrastructure and high-leverage protocols remain worthy of continued attention.
According to CoinDesk, the floor price of Bored Ape Yacht Club (BAYC) NFTs has risen from approximately 5 ETH to over 10 ETH in the past month, while ApeCoin (APE) rebounded from below $0.10 to around $0.16 during the same period, with trading volume notably expanding. Meanwhile, repeated security vulnerabilities and persistently declining yields in the DeFi sector have driven some capital toward the NFT market. The financialization trend of NFTs is also intensifying: a recent $2.8 million loan collateralized by a CryptoPunk attracted widespread attention, with the lender expected to earn roughly $138,000 in interest over 90 days. Blue-chip collections such as Pudgy Penguins have also strengthened concurrently, and market expectations surrounding a potential token launch by OpenSea have further boosted sentiment.
LayerZero Labs posted on platform X, stating that the internal RPC used by LayerZero Labs had been attacked by the Lazarus Group over the past three weeks, compromising the true source of its DVN (Decentralized Verifier Network). Meanwhile, external RPC providers experienced DDoS attacks. The incident affected 0.14% of applications and approximately 0.36% of asset value. LayerZero Labs stated that assets are currently secure, and over $9 billion in funds have been bridged through the protocol since April 19. In response to the security risk, LayerZero Labs has ceased providing services for its DVN in a 1/1 configuration. Default configurations for all pathways will migrate to a multi-DVN model of at least 3/3 or 5/5 signatures. Additionally, regarding an incident from three years ago where a multi-sig holder mistakenly used a hardware wallet for personal transactions, LayerZero Labs has removed that signer and replaced the wallet, while developing a custom OneSig multi-sig system. LayerZero Labs advises developers to lock configurations to avoid reliance on default settings and plans to launch an asset management platform, Console, to enhance security monitoring.
1inch market maker TrustedVolumes confirmed on the X platform that it had been attacked, disclosing that the stolen funds are currently held in three addresses, with a total amount of approximately $6.7 million. Two of the addresses each hold about $3 million in assets, while another address holds approximately $700,000 in assets. Meanwhile, TrustedVolumes expressed its willingness to engage in constructive communication with the attacker regarding a bug bounty and mutually acceptable solutions.
North Korea has denied allegations of its involvement in cryptocurrency theft, calling the claims "absurd slander" and a "political tool." The statement, issued by state-run media, emphasized that necessary measures will be taken to safeguard national interests. However, data from blockchain analytics firm TRM Labs shows that in the first four months of 2026, hacker groups linked to North Korea have stolen approximately $577 million, accounting for about 76% of global crypto theft losses during the same period. This includes two major attacks on KelpDAO (approximately $292 million) and Drift Protocol (approximately $285 million). TRM pointed out that the attacks are primarily associated with the Lazarus Group and its sub-organizations. Since 2017, the cumulative scale of crypto theft linked to North Korea has exceeded $6 billion. U.S. and international agencies widely believe that such funds are used to support military and missile programs. Meanwhile, the U.S. Treasury Department has recently imposed sanctions on relevant individuals and entities, targeting approximately $800 million in illicit fund flows in 2024. (The Block)
According to an official announcement, ZetaChain stated that its GatewayEVM contract was attacked today, with the impact limited solely to internal wallets controlled by the ZetaChain team. The official statement confirmed that the attack vector has been blocked and no further funds are currently at risk. As a precautionary measure, ZetaChain has suspended cross-chain transactions. Meanwhile, the investigation remains ongoing; according to the official statement, no user funds have been affected by this incident, and a detailed post-mortem report will be released upon completion of the investigation.
According to Decrypt, OpenAI CEO Sam Altman stated that Anthropic is promoting its AI model Claude Mythos through “fear-based marketing,” using narratives about security risks to justify its limited-open strategy. Claude Mythos has recently drawn attention for its ability to autonomously discover software vulnerabilities and perform complex cybersecurity operations. The report notes that Mozilla previously disclosed that the model identified 271 vulnerabilities in the Firefox browser during testing. Meanwhile, discussions surrounding the model’s potential offensive cybersecurity risks continue to intensify. Altman also emphasized that OpenAI will not scale back its infrastructure investments and will continue expanding its computational capabilities.
Odaily News Lido posted on platform X stating that on April 18th, the Kelp cross-chain bridge was attacked, resulting in the theft of approximately 116,500 rsETH (worth about $292 million). Subsequently, the related assets were frozen on lending markets such as Aave. Its treasury product EarnETH has approximately a 9% risk exposure (about $21.6 million) through leveraged rsETH/ETH positions on Aave. Meanwhile, rising borrowing utilization is creating cost pressure on other strategies. The team is advancing deleveraging and reducing overall risk. Lido pointed out that the final impact of the rsETH positions depends on the subsequent handling by Kelp, LayerZero, and Aave, including loss sharing, asset recovery, and bad debt processing. Regarding risk mitigation, EarnETH can, if necessary, activate a $3 million "first-loss protection mechanism" (provided by the DAO treasury) to cover losses. The specific scale of its use is still pending further evaluation. Currently, the treasury has suspended deposits and withdrawals to ensure fairness and complete loss assessment. If the handling process is slow, redemption channels may be reopened based on the worst-case loss expectations. The official statement emphasized that stETH and wstETH are unaffected, and the core staking protocol was not involved in this incident.
According to a post by 0xngmi, founder of DefiLlama, following the hack of KelpDAO, Aave is facing severe pressure in handling bad debt. Currently, there are three potential solutions: First, socializing the loss across all users—this would result in an 18.5% impairment for users, generating approximately $216 million in bad debt. Aave’s Umbrella Insurance could cover $55 million, and the treasury could contribute an additional $85 million, leaving a shortfall of roughly $76 million. Second, executing a “rug pull” on rsETH holders on L2 chains—this would generate approximately $341 million in bad debt, with Arbitrum, Mantle, and Base markets suffering the heaviest losses. Third, returning assets to holders based on a pre-attack snapshot—but this approach is extremely operationally challenging, and even after Umbrella Insurance coverage, an estimated $91 million in losses would remain. Additionally, some suggest confiscating the hacker’s collateral to offset part of the bad debt. Meanwhile, Aave’s OG Security Module still holds approximately $300 million worth of AAVE tokens; applying a 20% reduction would provide an additional ~$60 million in loss coverage.
According to an official announcement from Curve Finance, due to a hacker attack on the rsETH LayerZero infrastructure, Curve Finance has suspended its LayerZero infrastructure for security reasons, pending further investigation into the root cause before resuming operations. This suspension affects the following: cross-chain bridging of CRV tokens from BNB Chain, Sonic, Avalanche, Fantom, Etherlink, and Kava (chains using native bridges remain unaffected), as well as the crvUSD fast bridge functionality (the L2 slow bridge remains fully operational). Meanwhile, KelpDAO is also reported to have suffered a vulnerability exploit involving approximately $291 million; the exact extent of losses is still under investigation.
Odaily News Onur Solmaz, maintainer of the open-source AI agent project OpenClaw, publicly posted a strong response to various external negative controversies. He stated that the project has been continuously subjected to public opinion attacks, with the core reason being that OpenClaw adheres to a neutral public welfare nature, does not participate in token pumping, and does not pursue commercial profits, differentiating itself from profit-driven AI agent products in the industry. The project maintains neutrality in both industry and geopolitics. It is precisely because its own development has touched upon the interests of peers that it has been deliberately smeared. Meanwhile, the official team refuted various accusations one by one, including being bloated, lacking security, and being acquired by OpenAI. They also introduced facts such as architectural optimization, rapid vulnerability fixes, and the team's unpaid open-source operation and maintenance. The project is defined as the people's AI, calling on the community to jointly build an open-source AI ecosystem.