Exploits, audits, bridge attacks, key compromises, and post-mortems. The state of crypto security and the auditors trying to keep up.https://news.cryptogrind.com/en-ushttps://news.cryptogrind.com/blog/echo-protocol-76m-ebtc-monad-admin-key-exploit/https://news.cryptogrind.com/blog/echo-protocol-76m-ebtc-monad-admin-key-exploit/Echo Protocol on Monad was exploited via a compromised admin key — minting 1,000 fake eBTC worth $76.7M. The attacker could only cash out $816K before the team burned the rest. Here's what actually happened.Tue, 19 May 2026 00:00:00 GMTbreaking-newssecuritydefibtcfimonadexploithttps://news.cryptogrind.com/blog/thorchain-10m-exploit-four-chains-rune-halted/https://news.cryptogrind.com/blog/thorchain-10m-exploit-four-chains-rune-halted/THORChain was drained across Bitcoin, Ethereum, BNB Chain, and Base simultaneously on May 15. RUNE dropped 12%, all trading and signing was halted, and the team still hasn't explained the attack vector.Fri, 15 May 2026 00:00:00 GMTdefiexploitsecuritythorchainhackbreaking-newshttps://news.cryptogrind.com/blog/ethereum-clear-signing-erc-7730-blind-signing-bybit/https://news.cryptogrind.com/blog/ethereum-clear-signing-erc-7730-blind-signing-bybit/The Ethereum Foundation, Ledger, MetaMask, Trezor, Fireblocks and WalletConnect just launched Clear Signing — an open standard that replaces the hex garbage users blindly approve with human-readable transaction descriptions. Bybit's $1.5B hack started with a blind signing. So did most of yours.Tue, 12 May 2026 00:00:00 GMTethereumsecuritydefibreaking-newswalletserc-7730https://news.cryptogrind.com/blog/bitcoin-core-cve-2024-52911-43-percent-nodes-vulnerable/https://news.cryptogrind.com/blog/bitcoin-core-cve-2024-52911-43-percent-nodes-vulnerable/Bitcoin Core quietly patched its first-ever memory safety bug in late 2024, disguising the fix as a logging improvement. The vulnerability — now public — let miners remotely crash nodes running versions 0.14.0 through 28.x. Nearly half the network is still exposed.Mon, 11 May 2026 00:00:00 GMTbreaking-newsbitcoinsecuritybitcoin-coreinfrastructurejobshttps://news.cryptogrind.com/blog/grok-morse-code-200k-ai-agent-hack/https://news.cryptogrind.com/blog/grok-morse-code-200k-ai-agent-hack/A single obfuscated tweet tricked xAI's Grok into executing a $175K on-chain transfer — no private keys stolen, no smart contract exploit. Just a chatbot doing what it was told.Thu, 07 May 2026 00:00:00 GMTbreaking-newssecurityai-agentsdefiweb3hackshttps://news.cryptogrind.com/blog/dormant-ethereum-wallets-drained-coordinated-attack/https://news.cryptogrind.com/blog/dormant-ethereum-wallets-drained-coordinated-attack/A coordinated attacker swept over 500 long-dormant Ethereum addresses, stealing ~$800K and routing funds through ThorChain. The compromise vector is still unknown — and your old wallets may not be safe.Sat, 02 May 2026 00:00:00 GMTbreaking-newsethereumsecuritydefihackshttps://news.cryptogrind.com/blog/north-korea-ai-defi-hacker-april-625m-record/https://news.cryptogrind.com/blog/north-korea-ai-defi-hacker-april-625m-record/April 2026 was the worst month in crypto hack history: 30 attacks, $625M drained, North Korea behind 76% of it. Now a developer is claiming DPRK trained an AI to autonomously exploit DeFi — and the Wasabi Protocol's $5M multi-chain drain may be its latest hit.Fri, 01 May 2026 09:00:00 GMTbreaking-newshackdefinorth-koreasecuritywasabi-protocolhttps://news.cryptogrind.com/blog/defi-united-300m-aave-rseth-rescue-kelpdao/https://news.cryptogrind.com/blog/defi-united-300m-aave-rseth-rescue-kelpdao/DeFi United drops its technical rescue blueprint today, with Consensys, Aave, Compound, the Solana Foundation and 14 other protocols pledging $300M+ in ETH to re-collateralize rsETH after the $292M Lazarus-linked KelpDAO exploit. This is the most coordinated cross-protocol rescue in DeFi history.Tue, 28 Apr 2026 00:00:00 GMTbreaking-newsdefisecurityaaveethereumnorth-korealazarushttps://news.cryptogrind.com/blog/litecoin-zero-day-mweb-13-block-reorg/https://news.cryptogrind.com/blog/litecoin-zero-day-mweb-13-block-reorg/A zero-day exploit in Litecoin's MimbleWimble privacy layer triggered a 13-block chain reorg, wiping three hours of transactions. Litecoin denied it was a zero-day. GitHub commits say otherwise.Sun, 26 Apr 2026 10:00:00 GMTbreaking-newslitecoinhackexploitsecuritymwebdefihttps://news.cryptogrind.com/blog/lazarus-mach-o-man-macos-crypto-executives/https://news.cryptogrind.com/blog/lazarus-mach-o-man-macos-crypto-executives/Lazarus Group's new 'Mach-O Man' macOS malware is targeting crypto and fintech executives with convincing fake meeting invites, stealing keychain data and wallet credentials before erasing itself completely.Thu, 23 Apr 2026 00:00:00 GMTbreaking-newssecuritynorth-korealazarus-grouphacksmacossocial-engineeringhttps://news.cryptogrind.com/blog/april-defi-bloodbath-606m-18-days-congress-hearing/https://news.cryptogrind.com/blog/april-defi-bloodbath-606m-18-days-congress-hearing/April 2026 is already the worst month for crypto hacks since February 2025. $606 million gone in 18 days. 3.7x the entire first quarter. Today, Congress is holding hearings. Here's what broke.Tue, 21 Apr 2026 08:00:00 GMTdefisecurityhacksregulationbreaking-newslazarus-grouphttps://news.cryptogrind.com/blog/vercel-breach-crypto-frontend-context-ai/https://news.cryptogrind.com/blog/vercel-breach-crypto-frontend-context-ai/Hackers breached Vercel — the hosting backbone for thousands of DeFi apps — by exploiting a compromised third-party AI platform. API keys, tokens, and source code are on sale for $2M on BreachForums.Mon, 20 Apr 2026 00:00:00 GMTbreaking-newssecuritydefiweb3infrastructurehackshttps://news.cryptogrind.com/blog/kelp-dao-rseth-292m-layerzero-bridge-exploit/https://news.cryptogrind.com/blog/kelp-dao-rseth-292m-layerzero-bridge-exploit/Kelp DAO's rsETH bridge was drained in minutes after an attacker forged LayerZero cross-chain messages. Bad debt cascaded across Aave, Compound, and Euler. It's 2026's biggest DeFi hack — so far.Sun, 19 Apr 2026 00:00:00 GMTbreaking-newshackdefilayerzeroaaverestakingsecurityjobshttps://news.cryptogrind.com/blog/operation-atlantic-secret-service-crypto-approval-phishing/https://news.cryptogrind.com/blog/operation-atlantic-secret-service-crypto-approval-phishing/Operation Atlantic, a joint US-UK-Canada law enforcement strike, froze $12M and traced $45M in crypto approval phishing fraud across 30+ countries. Here's what that means for the industry.Sat, 18 Apr 2026 00:00:00 GMTbreaking-newsenforcementsecurityregulationdefihttps://news.cryptogrind.com/blog/france-crypto-kidnapping-one-every-2-5-days/https://news.cryptogrind.com/blog/france-crypto-kidnapping-one-every-2-5-days/41 violent crypto kidnappings in 2026. France now has the worst crypto ransom attack rate in the world, and the interior ministry just admitted they've lost control.Fri, 17 Apr 2026 00:00:00 GMTbreaking-newssecurityregulationcrimeeuropehttps://news.cryptogrind.com/blog/grinex-hack-garantex-successor-western-spies/https://news.cryptogrind.com/blog/grinex-hack-garantex-successor-western-spies/Grinex — the sanctions-dodging successor to Russia's notorious Garantex — shut down after a $13M hack and blamed 'Western special services.' The irony is too rich.Fri, 17 Apr 2026 00:00:00 GMTbreaking-newshacksrussiasanctionsenforcementdefiexchangehttps://news.cryptogrind.com/blog/bitcoin-quantum-tripwire-satoshi-coins-freeze/https://news.cryptogrind.com/blog/bitcoin-quantum-tripwire-satoshi-coins-freeze/A new 'canary address' proposal would only freeze 6.5 million vulnerable BTC — including Satoshi's coins — if a quantum computer actually proves it can break Bitcoin first. Adam Back says there's a better way.Thu, 16 Apr 2026 00:00:00 GMTbitcoinquantumsecuritybip-361breaking-newsdevelopershttps://news.cryptogrind.com/blog/drift-tether-148m-rescue-usdc-dethroned/https://news.cryptogrind.com/blog/drift-tether-148m-rescue-usdc-dethroned/Tether is bailing out Drift Protocol with $148M after North Korea's $285M heist — but the real play is quietly replacing Circle's USDC as Solana DeFi's settlement currency.Thu, 16 Apr 2026 00:00:00 GMTbreaking-newsdefisolanatetherusdtusdccirclenorth-koreahacksstablecoinshttps://news.cryptogrind.com/blog/fake-ledger-apple-app-store-9-million-theft/https://news.cryptogrind.com/blog/fake-ledger-apple-app-store-9-million-theft/A fraudulent Ledger Live app slipped through Apple's review process, stayed live for roughly two weeks, and drained $9.5 million from 50+ victims before ZachXBT blew the whistle.Wed, 15 Apr 2026 00:00:00 GMTbreaking-newssecurityhackappleledgerwalletzachxbthttps://news.cryptogrind.com/blog/hyperbridge-1-billion-dot-minted-237k-stolen/https://news.cryptogrind.com/blog/hyperbridge-1-billion-dot-minted-237k-stolen/A forged cross-chain proof let an attacker mint 1,000,000,000 fake DOT tokens on Ethereum in a single transaction. Thin liquidity saved Polkadot. Twelve days earlier, Hyperbridge had posted an April Fools' joke about exactly this.Tue, 14 Apr 2026 00:00:00 GMTbreaking-newsdefihackspolkadotbridgessecurityhttps://news.cryptogrind.com/blog/drift-north-korea-six-month-infiltration/https://news.cryptogrind.com/blog/drift-north-korea-six-month-infiltration/Drift Protocol confirmed today that the April 1 exploit wasn't opportunistic — DPRK-linked hackers spent six months attending crypto conferences, building real relationships, and depositing real money before draining $270M.Sun, 05 Apr 2026 00:00:00 GMTbreaking-newsdefisecuritynorth-koreadprksolanahacksjobshttps://news.cryptogrind.com/blog/circle-usdc-freeze-zachxbt-drift-hack/https://news.cryptogrind.com/blog/circle-usdc-freeze-zachxbt-drift-hack/ZachXBT just published a damning thread showing Circle had the power to freeze $232M in stolen Drift Protocol funds — during business hours, over 6 hours — and chose not to. It's part of a pattern spanning $420M across 15 cases since 2022.Sat, 04 Apr 2026 00:00:00 GMTbreaking-newsdefisecurityregulationstablecoinssolanahttps://news.cryptogrind.com/blog/drift-protocol-solana-exploit-270m/https://news.cryptogrind.com/blog/drift-protocol-solana-exploit-270m/Drift Protocol, Solana's leading perpetuals DEX, was drained of up to $285M in a still-unconfirmed exploit on April 1 — and the attacker is still moving funds right now.Wed, 01 Apr 2026 00:00:00 GMTbreaking-newsdefisecuritysolanaexploithacksjobshttps://news.cryptogrind.com/blog/google-quantum-bitcoin-crypto-jobs/https://news.cryptogrind.com/blog/google-quantum-bitcoin-crypto-jobs/Google says breaking Bitcoin may need 20x fewer qubits than thought. 6.9M BTC already exposed. The race to hire post-quantum crypto engineers starts now.Tue, 31 Mar 2026 15:00:00 GMTbitcoinquantum-computinggooglesecuritycryptographyjobspost-quantumhiringhttps://news.cryptogrind.com/blog/claude-code-source-leak-crypto-ai-security/https://news.cryptogrind.com/blog/claude-code-source-leak-crypto-ai-security/512K lines of TypeScript and 44 feature flags exposed via npm. If your crypto team uses AI coding tools, your threat model just changed.Tue, 31 Mar 2026 12:00:00 GMTsecurityaiclaude-codenpmcryptodeveloper-toolsjobssupply-chainhttps://news.cryptogrind.com/blog/axios-supply-chain-attack-crypto-security-jobs/https://news.cryptogrind.com/blog/axios-supply-chain-attack-crypto-security-jobs/The Axios supply chain attack dropped a crypto-wallet-stealing RAT on 100M weekly installs. What happened, why AI missed it, and the security roles crypto needs now.Tue, 31 Mar 2026 09:00:00 GMTsecuritysupply-chainnpmaxioscryptonorth-koreajobsaivulnerabilities