News linked to both this project and an event.
According to PeckShieldAlert monitoring, approximately 1 billion Polkadot (DOT) tokens have been minted and dumped on the Ethereum network. Details of the incident are still under further verification. According to CertiK monitoring, the Hyperbridge gateway contract was attacked; the attacker forged messages to tamper with the admin privileges of the Polkadot token contract on Ethereum, and profited approximately $237,000 by minting and selling 1 billion tokens.
According to Cointelegraph, researchers from the University of California recently revealed security risks in certain third-party AI large language model (LLM) routers that could lead to the theft of cryptocurrency assets. The study found that LLM routers—acting as API intermediaries—can read plaintext information; some routers were discovered injecting malicious code and stealing credentials. The research team tested 28 paid and 400 free routers, identifying nine routers that actively injected malicious code, two that deployed trigger-avoidance mechanisms, and 17 that accessed Amazon Web Services (AWS) credentials. One router even transferred ETH using the researchers’ Ethereum private key. The study notes that malicious behavior by routers is difficult to detect, and the “YOLO mode” present in some AI agent frameworks—which automatically executes commands—further increases security risks. Researchers recommend that developers avoid transmitting private keys or mnemonic phrases through AI agents and urge AI companies to implement cryptographic signing of responses to enhance security.
Decentralized GPU cloud computing infrastructure platform Aethir confirmed that its Ethereum-related bridge contract was attacked. The team promptly disconnected the affected contract and, in collaboration with major exchanges, blacklisted the hacker’s wallet, limiting losses to under $90,000. Earlier, blockchain security firm PeckShield estimated losses at $400,000. The attacker exploited Aethir’s cross-chain smart contract, AethirOFTAdapter, to transfer stolen funds from BNB Chain to Tron. Aethir stated that its Ethereum mainnet ATH token supply remains unaffected. It plans to release a detailed compensation plan and incident analysis next week and will collaborate with exchanges including Binance, Upbit, and Bithumb to freeze funds. Web3 security platform ZeroShadow is assisting with the investigation. In 2025, Aethir achieved $127.8 million in revenue and deployed over 440,000 GPU containers globally.
U.S. law firm Gibbs Mura has launched a class-action litigation investigation into the April 1, 2026, hack of Drift Protocol, reviewing potential investor claims against Circle Internet Financial. The attack resulted in the theft of approximately $280–285 million in assets. The attacker subsequently used Circle’s Cross-Chain Transfer Protocol (CCTP) to bridge over $230 million worth of USDC to Ethereum—Circle took no action to freeze the funds throughout the incident. Notably, just nine days prior, Circle had voluntarily frozen 16 business wallets in a separate civil dispute. Blockchain analytics firm Elliptic suspects the attack was carried out by a North Korea–backed hacking group. As a result of the breach, Drift Protocol’s total value locked (TVL) plummeted from $550 million to below $250 million, the DRIFT token price dropped more than 40%, and at least 20 DeFi protocols suffered indirect losses.