security

The Ethereum Layer2 project Taiko has released the latest developments on the security incident, stating that this incident will not result in any loss of user funds. Currently, the bridged assets are in a state of insufficient collateral, and all additional collateral will be completed before the bridge reopens, ensuring that each user's balance receives 1:1 support, consistent with the situation before the incident occurred.Since the occurrence of this security incident, cautious measures have been taken, including controlling the scope of impact, determining the cause of the incident, and collaborating with the board to develop a plan to protect user assets. In addition, the CEO of Taiko has submitted a formal report to the relevant authorities in Singapore, and the team will fully cooperate in tracing the responsible parties. Users currently do not need to take any action; at this stage, the completed repair plan is being tested, and the chain and bridging services will be reopened as soon as safety is ensured. Users are also reminded to be vigilant against scams; the Taiko team will not proactively message users, and there are no websites for claiming or refunds. Any links provided for such purposes are scams.

The password management tool LastPass announced that its third-party market intelligence platform Klue experienced a security incident, where hackers stole multiple OAuth tokens held by Klue for various clients (including LastPass) and used these tokens to access LastPass's Salesforce CRM system, potentially leading to the leakage of business contact information and CRM data, including some customers' names, phone numbers, email addresses, home addresses, and support cases.The official reminder: LastPass's products, services, infrastructure, and customer vaults have not been affected, and Gong system data has not been accessed. LastPass has immediately taken measures, including stopping employee access to Klue, rotating exposed API tokens, conducting a detailed investigation, and collaborating with Klue, Salesforce, and law enforcement, while also sharing threat intelligence with the security community through the TIME team and strengthening future protections. Users should remain vigilant against potential phishing emails, calls, or social engineering attacks that may exploit the leaked information, and remember that LastPass will never ask for the master password; all official communications are sent through trusted channels.

According to the Associated Press, Anthropic's Mythos model has discovered vulnerabilities in the U.S. government's classified systems.

On Monday, U.S. President Trump signed two executive orders aimed at accelerating the development of U.S. quantum computing capabilities and advancing the government's transition to post-quantum cryptography. Although the executive orders did not directly mention Bitcoin, industry insiders believe this could benefit the blockchain's post-quantum security research and development.The two executive orders focus on defending against advanced cryptographic attacks and promoting cutting-edge quantum innovation. They include a clear timeline: to advance the construction of quantum sensors by September 2028 and require federal high-value assets and high-impact systems to complete the transition to post-quantum cryptography by the end of 2031. Project Eleven CEO Alex Pruden stated that this means the U.S. government will invest time and resources to achieve post-quantum security goals and may extend related requirements to the entire federal contractor system, not just limited to government agencies, thereby accelerating the implementation of post-quantum cryptographic technology.At the time of this policy announcement, the blockchain industry’s concern about quantum threats continues to rise. Organizations like the Ethereum Foundation and the Solana Foundation have begun advancing post-quantum security research and development, while the Bitcoin community is also discussing potential risks. Some publicly exposed Bitcoin addresses are believed to face the risk of private keys being derived once powerful quantum computers emerge in the future. Pruden pointed out that this executive order clearly sets the deadline for adopting post-quantum cryptography as 2031, which is more binding than the previous guidance from the U.S. government that proposed phasing out traditional cryptographic systems by 2035. For Bitcoin and the broader cryptocurrency industry, government investment in post-quantum security may accelerate the maturity of related tools, standards, and migration paths.

SecondFi posted on platform X that the team discovered security issues with a small number of Cardano wallets on the platform. The issue has been contained and affected features have been suspended, while the engineering team is actively working to restore all platform functionalities. To protect users, SecondFi has temporarily entered maintenance mode, and all front-end interactions have been suspended.

Taiko officially stated on X: "We have identified the root cause of this attack and are currently developing a fix to restore the blockchain's online operation as soon as possible. At the same time, we are working closely with major exchanges and security partners to track and freeze the hacker's assets. The remaining funds in the cross-chain bridge are currently safe, and we will announce the next steps in our upcoming updates. To focus on fixing the vulnerabilities and protecting user assets, we will pause updates for a few hours."Previously, it was reported that the Taiko cross-chain bridge was attacked, with losses potentially reaching up to $1.7 million.

OpenAI announced a comprehensive expansion of its cybersecurity program Daybreak, aimed at leveraging artificial intelligence to accelerate the discovery and automatic remediation of software vulnerabilities. The core of this expansion is the full version dedicated model GPT-5.5-Cyber launched for trusted defenders. It is reported that this model has set the highest score records in multiple cybersecurity benchmark tests, surpassing GPT-5.5's 81.8% and competitor Mythos 5's 83.8%, significantly improving the accuracy of vulnerability scanning and patch generation. At the same time, the synchronously updated Codex Security plugin has been deeply integrated into the developer workflow, supporting fully automated codebase scanning, threat modeling, and patch generation.In terms of ecosystem development, OpenAI has launched an exclusive partner program, allowing compliant security service providers to integrate GPT-5.5 with specific permissions into their commercial products; and has initiated the "Patch the Planet" program in collaboration with organizations like Trail of Bits to assist over 30 foundational open-source projects such as Python and Go in implementing vulnerability fixes. In addition, OpenAI revealed that it is currently engaged in deep cooperation with governments and institutions from multiple countries, including the United States, the United Kingdom, France, and Japan, to jointly enhance the cybersecurity capabilities of global critical infrastructure.

According to Jinshi, IBM's stock rose 2% after hours, after the company announced a collaboration with OpenAI to launch artificial intelligence products related to enterprise network security defense.

According to Jinshi News, Nvidia has released "Halos for Robotics," which is the industry's first full-stack safety system for physical artificial intelligence.

Taiko released a security incident update on platform X, stating that the incident has been brought under control, the cross-chain bridge and vault have been suspended, and funds can no longer be withdrawn. The cross-chain bridge is offline in both directions, and pending transactions are in a suspended state rather than lost. More information will be announced soon.

Blockchain security company Blockaid stated that its detection system found signs of a front-end attack on the Gitcoin subdomain files[.]gitcoin[.]co, with suspected malicious code named "Eleven drainer" included in the website, used for wallet asset theft. Blockaid warns users not to interact with the website at this time, and the related issues are under investigation and repair.

The cross-chain protocol Axelar Network released a statement regarding the recent security incident related to Secret Network, stating that there is a misunderstanding within the community about the event. Both Axelar and the Inter-Blockchain Communication Protocol (IBC) were not attacked or compromised. The affected token smart contracts were neither developed, deployed, nor maintained by Axelar, and Axelar's firewall mechanism also prevented the impact from spreading to other chains.It is reported that the exploited contract is a forked version based on CW20-ICS20, but the developers removed two core security checks, resulting in an "infinite minting" vulnerability. By deleting the verification mechanisms originally used to prevent such issues, this fork altered the original trust model of the contract and did not undergo a new security audit.Axelar Network explained that anyone can deploy contracts for cross-chain asset wrapping through IBC, and similar contracts have also been used to wrap tokens from other chains into Secret Network. However, the Secret side fork version in this incident has vulnerabilities due to the removal of key security checks. This incident is not a unique logical flaw, nor is it an issue with the IBC protocol itself, but rather a security risk introduced by modifications to third-party contracts.

The Zodiac team released a security incident analysis report regarding the impact on the Zodiac Roles Modifier, disclosing that the root cause of the vulnerability lies in a flaw in the ERC-1271 transaction signature verification logic: the system only determines the validity of the signature based on the returned "magic value" without verifying whether the call itself was successful, which may disguise a failed verification as a valid signature, bypassing the module authentication mechanism.

The Algorand Foundation officially released a roadmap for quantum resistance upgrades, planning to launch a series of protocol transformations in 2026, and achieve overall "quantum security" capabilities for the network by the end of 2027 to 2028, in response to the potential threats posed by future quantum computing to existing cryptographic systems.The roadmap indicates that the first phase will introduce post-quantum account systems, multi-signature wallets, and staking support, followed by a gradual upgrade of core protocol components to achieve a comprehensive encryption migration from the wallet layer to the infrastructure. It is reported that several public chain ecosystems, including the Ethereum Foundation and Solana, have also initiated similar research and migration plans for quantum-resistant cryptography.

According to Bloomberg, Israeli artificial intelligence and cybersecurity company Dream has completed a $260 million financing round, with a post-money valuation of approximately $3 billion, nearly tripling from a valuation of about $1 billion in February 2025. This round was led by Bicycle Capital and Group 11, with participation from Bain Capital Ventures, Antler, Tru Arrow Partners, and others.Dream was founded in 2023 by former NSO Group CEO Shalev Hulio and former Austrian Chancellor Sebastian Kurz, initially focusing on national-level AI cyber defense. It has now launched a sovereign AI platform and AI security product Hero aimed at governments and state-owned enterprises, achieving nearly $300 million in sales to date, and will accelerate deployment in Europe, the Middle East, Asia, and the Americas.

DeFi structured protocol Thetanuts Finance issued a statement in response to the security incident involving its Vault. Preliminary investigations indicate that the relevant Vault is an old version contract that was deprecated and migrated years ago, and it is not associated with any currently running contracts or products. Further details are still under investigation, and a complete post-incident analysis report will be released once more information is available.Earlier reports suggested that Thetanuts Finance may have suffered an attack, with preliminary estimates of losses around $2.1 million.

Syscoin released a bridge security incident report, disclosing details of the UTXO-to-NEVM bridge vulnerability incident, which reportedly led to approximately 5 billion SYS being unauthorizedly released on the UTXO side. The related funds have since been returned to the official recovery address and destroyed through the standard OP_RETURN method, making them unusable by the protocol again. The on-chain reported SYS supply has been restored to the expected value, and the bridge function remains suspended while the team completes the final review and fixes.Syscoin pointed out that it will fix the cross-layer parsing defects. The core lesson from this incident is that cross-layer systems must uniformly standardize data processing, and any ambiguous bridge proof should be considered a default failure.

Syscoin released a bridge security incident report, disclosing details of the UTXO-to-NEVM bridging vulnerability incident. It is reported that this incident led to approximately 5 billion SYS being unauthorizedly released on the UTXO side. The related funds have since been returned to the official recovery address and destroyed through the standard OP_RETURN method, making them unusable by the protocol again, and the on-chain reported SYS supply has been restored to the expected value. The bridging function is currently still suspended, and the team is completing the final review and repair.