News linked to this event type.
Humanity announced the independent investigation results from Quantstamp, stating that the security incident—exceeding $31 million—originated from a phishing attack that led to the leakage of private keys. The attackers subsequently gained control of the smart contract and dumped tokens; the tools and tactics employed exhibit characteristics commonly associated with North Korean hacker groups.
the U.S. government's export controls and access restrictions on Anthropic's models, Fable 5 / Mythos 5, were partly driven by Amazon's cybersecurity research and AWS CEO Andy Jassy's communications with the White House.It is understood that research submitted by Amazon indicated that through a series of prompt tests, researchers could induce Fable 5 to output sensitive information potentially usable for cyberattacks, raising security concerns. Subsequently, Andy Jassy reported these findings to the U.S. government level, prompting the White House to implement further restrictions, including banning foreign users from accessing the model.Meanwhile, former U.S. Commerce Department official Kate Koren revealed that the White House's existing policy stance towards Anthropic may have also influenced this decision. This is because Anthropic has disagreements with the White House over the boundaries of AI safety, including refusing to use its models for mass surveillance or lethal autonomous weapons systems. Although the two sides had eased tensions and expanded cooperation earlier this year, this incident could reignite strained relations between them. (The Wall Street Journal)
David Sacks, co-chair of the President's Council of Advisors on Science and Technology, responded to the regulatory implications of the Anthropic “security controversy,” stating that he has communicated with multiple parties regarding the current situation at Anthropic. He concluded that the core of the event lies in the security controversy sparked by its newly released model “Fable” (the commercial version of the Mythos-class models). Although Anthropic publicly stated the vulnerability was “not severe,” the U.S. government and testers disagreed with this assessment, believing it was significant enough to impact the model's security, even involving “cyber weapons operability” risks.David Sacks further criticized that Anthropic has long emphasized “safety first,” yet in this instance, it was more inclined to keep the consumer version continuously online rather than prioritizing the repair of the security issue. He stated this matter should not be conflated with previous defense or regulatory controversies and noted that the U.S. government still recognizes Anthropic's technical capabilities. The current problem “could have been resolved quickly, the ball is in Anthropic's court.”
Odaily Zcash founder Zooko Wilcox posted on X stating that a security audit conducted by Anthropic's Claude Mythos AI model did not find any "more severe vulnerabilities" in the Zcash protocol. The audit was commissioned by Shielded Labs, a Swiss non-profit organization supporting Zcash development. On June 3, Zcash developers temporarily paused Orchard transactions after discovering a vulnerability in the shielded pool, restoring functionality through an emergency upgrade the same day. The issue stemmed from a four-year-old forging vulnerability in the Orchard shielded pool, identified by security researcher Taylor Hornby with the assistance of Anthropic's Claude Opus 4.8 model. The Zcash Foundation stated there is no evidence that the vulnerability was exploited, nor was any unauthorized value creation detected, and user privacy remained unaffected.Anthropic released the first public version of the Claude Mythos model, Fable 5, on Tuesday, and stated on Friday that it has suspended access to the Fable 5 and Mythos 5 AI models due to export control directives issued by the U.S. government citing national security concerns. (Cointelegraph)
According to Cointelegraph, Zcash founder Zooko Wilcox stated that a security audit of the Zcash protocol—commissioned by Shielded Labs and conducted using Anthropic’s Mythos AI model—did not uncover any new critical vulnerabilities. Previously, security researcher Taylor Hornby discovered, using Claude Opus 4.8, a four-year-old forgery vulnerability in the Orchard shielded pool, prompting developers to urgently suspend Orchard transactions on June 3 and complete the fix the same day. The Zcash Foundation confirmed there is no evidence the vulnerability was ever exploited, and user privacy remained unaffected.
According to HackQuest (@HackQuest_), the 0G APAC Hackathon has officially announced its winners. The event attracted 1,145 participants globally and received 293 final project submissions, generating over 1.04 million social media impressions. Winners are as follows: First Place: Ghast AI (@Ghast_AI) — A crypto-native AI agent client built on 0G, supporting decentralized inference, user-controlled long-term memory, censorship-resistant access, and portable agent IDs. Second Place: NeoSoul (@NeoSoulAI) — A trust layer designed specifically for the emerging agent economy, providing infrastructure such as verifiable agent permissions, accountability mechanisms, and recovery systems. Third Place: Anima (@anima_0g) — A CLI-native agent framework where agent identity, memory, inference, wallet, and economic activities all run atop 0G’s decentralized infrastructure, enabling cross-device, independent, and persistent operation. Excellence Awards: - @Alsphere0G — Collective intelligence memory layer for AI agents - @Hash_PayLink — Payment-gated AI infrastructure for the agent economy - @railbeam_ai — Payment rails and financial operations workspace for humans and agents - @stealth_pay — Privacy-preserving payment-related project
A cryptography expert advisory committee led by Coinbase released a report stating that Bitcoin should immediately begin preparing for potential quantum computing attacks. However, the committee did not take a clear stance on whether to freeze the millions of bitcoins potentially vulnerable to quantum-computing theft in the future. The committee includes several leading experts, such as Justin Drake, a researcher at the Ethereum Foundation. They argue that the current debate is not about *how* to introduce quantum-resistant signature schemes, but rather *how to handle* bitcoins held in long-dormant addresses that fail to migrate. One camp advocates setting a final deadline after which Bitcoin’s existing ECDSA and Schnorr signature schemes would no longer be supported, and unmigrated funds would be frozen—thereby preventing future quantum attackers from seizing large amounts of BTC and destabilizing markets. The other camp contends that freezing funds would effectively amount to asset confiscation, violating Bitcoin’s core principles of immutability and full user control over assets—and could set a precedent for future regulatory-driven freezes. The Coinbase advisory committee notes that these approaches are not mutually exclusive and could be combined. Yet it declines to state a position on whether “legacy BTC” should be frozen, asserting that the ultimate decision rests with Bitcoin’s community governance. It emphasizes two key points: first, technical development of quantum-resistant signature migration must begin immediately—not wait for governance debates to conclude; second, users must receive clear, timely risk communication to prevent prolonged uncertainty from harming the Bitcoin ecosystem.
Zcash founder Zooko posted on X, stating that at the request of Shielded Labs, Anthropic and Mythos conducted a security audit of Zcash, and no further critical vulnerabilities were found in the Zcash protocol. Shielded Labs and other parties are continuing to carry out security reinforcement efforts.
According to a post by Zcash co-founder Zooko (@zooko), Anthropic, in collaboration with Mythos, conducted a security audit of the Zcash protocol at the request of Shielded Labs. The audit found no critical vulnerabilities. Shielded Labs and related teams are continuing their efforts to strengthen security, and further updates will be announced separately.
law enforcement agencies from 11 countries have jointly shut down the money laundering network AudiA6, which processed over 336 million euros in illicit funds between 2022 and 2025. On June 10, law enforcement arrested two administrators of Russian and Ukrainian nationality in Georgia, seized 25 domain names, over 30 servers, and 80 vehicles, and froze approximately 778,000 euros in cryptocurrency. Operating as a "mixer-as-a-service," AudiA6 provided services to cybercriminals involved in ransomware attacks, helping them cash out crypto assets and conceal the flow of funds, charging commissions of 3% to 10% and claiming to complete the "cleaning" process within about an hour.Since 2021, the AudiA6 wallet has received approximately 10,333 BTC, valued at around $389 million at the time of the transactions. The investigation also revealed that the money laundering network used thousands of fake accounts created with stolen or purchased identities, involving over 6,000 KYC records; many of these accounts were linked to Russian-speaking intermediaries and were used to transfer criminal proceeds through cryptocurrency exchanges. The clearnet and darknet domains of AudiA6 and Dark2Web have been replaced with seizure banners. (Cointelegraph)
The Bitcoin Core Project released a security advisory confirming a privacy vulnerability in the -privatebroadcast feature introduced in version 31.0.
U.S. House bipartisan lawmakers introduced a bill on Thursday to establish a cross-agency federal cryptocurrency theft task force under the leadership of the Attorney General, aimed at coordinating and leading investigations into cryptocurrency theft, fraud, and hacker attacks.The bill is jointly sponsored by Republican Representative Lance Gooden of the House Judiciary Committee and Democratic Representative Josh Gottheimer of the House Financial Services Committee. The task force will include multiple federal agencies such as the Department of Justice, the Federal Bureau of Investigation, the Department of Homeland Security, and the Department of the Treasury, aiming to address the $11 billion theft and fraud issues caused last year and provide victims with a unified federal response mechanism. (coindesk)
: U.S. Treasury Secretary Bessent stated on the X platform that the Iranian regime will lose the zero-sum game it is currently engaged in. Any damage it causes to Gulf allies will be compensated with funds withdrawn from Iranian accounts; any toll fees paid to the Strait of Persia Authority will be offset with funds withdrawn from its accounts; every attack launched by Iran will only deepen the economic, social, and financial consequences it faces.
Odaily, Mitchell Amador, CEO of bug bounty platform Immunefi, stated at the WAIB Summit that new AI models such as Claude Opus 4.8 and ChatGPT 5.5 are shifting the balance of cybersecurity offense and defense in favor of attackers, leading to a resurgence in crypto hacks in 2026. Data from DefiLlama shows that in April 2026, illicit actors stole over $634 million from crypto platforms, the highest monthly total since the Bybit hack in February 2025 drove losses of approximately $1.4 billion.Amador stated that the crypto industry is in a critical survival period for the next three to four years until security teams leverage similar AI models to build codebases that attackers cannot breach; if the industry adopts more crowd-sourced security solutions, this timeline could be shortened to within two years. The latest Claude Mythos model, Fable 5, from AI company Anthropic, previously raised concerns about accelerating the ability to exploit crypto vulnerabilities.Anthropic stated that Fable 5 has safeguards in place that will redirect topics related to cybersecurity and similar fields to Claude Opus 4.8. On April 19, an attacker transferred approximately 116,500 restaked Ethereum (rsETH) from Kelp DAO's LayerZero-based rsETH bridge, valued at around $290 million to $293 million at the time. Cross-chain protocol LayerZero stated that the 1/1 decentralized verification network configuration of Kelp DAO relied on a single verification path for processing cross-chain messages, creating a single point of failure. (Cointelegraph)
Agora, an automated testing framework jointly developed by 0G Labs and research teams from the National University of Singapore, Peking University, and Beijing University of Posts and Telecommunications, has been accepted to ICML 2026. Agora is the first framework to deeply integrate domain-specific knowledge from distributed systems with a multi-agent collaborative architecture for automated vulnerability detection in production-grade consensus protocols. According to the paper, Agora has uncovered 15 previously unknown deep logic bugs (“Deep Bugs”) across mainstream consensus protocols—including Raft, EPaxos, HotStuff, and BullShark—spanning critical security issues such as execution divergence, monotonicity violations, topology flaws, and signature verification failures. Experimental results show that leading large language models—including GPT-5.2 and Claude 4.5—failed to detect any protocol-level vulnerabilities under identical test scenarios. Agora employs hypothesis-driven testing and a multi-agent collaboration mechanism, enabling deep security analysis of complex distributed systems through automated attack-scenario generation, test execution, and dynamic refinement. Beyond consensus protocols, the framework is designed for future extension to domains including database concurrency control, operating system kernels, and Web3 smart contract auditing.
Anthropic CEO Dario Amodei has stated that if new AI models pose specific risks, governments should have the authority to prevent their deployment. In a lengthy post on Wednesday, Amodei argued that AI models should undergo mandatory third-party testing to assess potential risks across multiple domains. He wrote that if an AI is deemed to pose "unacceptable risks," then "governments should have the power to block or constrain its deployment." This is one of Amodei's strongest statements to date advocating for stricter AI regulation. "I believe that, at least during this current exponential growth phase, the most appropriate analogy is cars, airplanes, or pharmaceuticals—technologies that are essential to the modern economy but can also lead to significant loss of life if poorly designed or misused," Amodei wrote. Anthropic has previously warned that its AI model, Mythos, possesses the ability to discover and exploit critical software vulnerabilities, leading the company to restrict access to a small number of partners. This week, Anthropic also released a new version that removes related cybersecurity attack capabilities. (Jinshi)
blockchain security analyst Specter posted on X platform, stating that an old liquidity pool of the Solana DeFi protocol Raydium is suspected of being attacked, with the attacker stealing approximately $1.34 million in assets, mainly including USDC, RAY, and wSOL. Currently, the hacker has transferred the stolen funds to Ethereum via a bridge and subsequently deposited them into Tornado Cash for mixing.
According to on-chain security platform Blockaid (@blockaid_), the MILC Platform cross-chain bridge suffered a private key leak on both the BNB Chain and Ethereum networks. The attacker exploited a historical bridge administrator wallet to grant the DEFAULT_ADMIN_ROLE and MANAGER_ROLE permissions to the attacker’s address. Subsequently, assets were withdrawn from the bridge contract, and administrative control was transferred to the attacker’s wallet. Confirmed losses currently stand at approximately $97,003 USDT (on BNB Chain) and approximately 39.21 ETH (on Ethereum, transferred out via Rhino.fi), totaling roughly $161,000.
Humanity stated that it has shared the attacker’s address tracking page with all centralized exchanges, decentralized exchanges, and aggregators, and will continue updating it. Humanity has also announced a $1 million USDT bounty for information that aids in recovering the stolen funds; all recovered funds will be used to repurchase $H.
Humanity released a post-mortem report on the H token security incident that occurred between June 8 and 9, stating that the incident was not caused by a smart contract vulnerability, but rather by a malware intrusion into a developer's device, which led to the leakage of private keys. Humanity stated that the attacker still holds the ProxyAdmin permissions for the ETH bridge and the BNB Chain token. Preliminary investigations confirmed that a colleague's device was infected with malware, which the attacker used to obtain the hot wallet private key of the administrator and the private keys for signing on 6 Gnosis Safe wallets. The team has hired an external security agency to conduct a forensic investigation and stated that they are formulating a recovery plan for affected users.