Blockchain Security Brief
The weekly record of web3's darkest hours

Monday, March 2, 2026

Top Exploits

Trust is collapsing faster than systems can adapt, exploits are getting cheaper while assumptions get weaker, and the real attack surface is no longer the code. It’s everything built on top of it.

This week:

IoTeX’s bridge got drained by a single compromised owner key. An attacker took control of the bridge validator contract, upgraded the validator logic, seized admin rights over TokenSafe and MinterPool, and walked out with ~$4.4M in real bridged assets (USDC/USDT/WBTC/WETH/etc.) while also minting hundreds of millions of unbacked CIOTX on top. (Read more)
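The control a single compromised owner key should have had to get past is illustrated by the following toy model of upgrade authority: a threshold of distinct signers must approve a new implementation, and execution has to wait out a delay that gives monitoring a window to notice the queued change. This is an added example, not IoTeX's bridge or validator code; the signer names, the 2-of-3 threshold, the 48-hour delay and the implementation labels are assumptions.

```python
"""Toy model of upgrade authority for a bridge contract: threshold approval plus a timelock.
Constructed example; signers, threshold, delay and implementation names are assumed."""
from dataclasses import dataclass, field
from typing import Dict, List, Set


class UpgradeDenied(Exception):
    """Raised when an upgrade attempt fails an authorization or timing check."""


@dataclass
class UpgradeProposal:
    new_implementation: str
    proposed_at: int                           # unix time the proposal was queued
    approvals: Set[str] = field(default_factory=set)
    executed: bool = False


class UpgradeController:
    """Only a threshold of distinct signers can approve, and execution must wait out the delay."""

    def __init__(self, signers: Set[str], threshold: int, delay: int) -> None:
        if not 1 <= threshold <= len(signers):
            raise ValueError("threshold must be between 1 and the number of signers")
        self.signers = set(signers)
        self.threshold = threshold
        self.delay = delay
        self.proposals: Dict[int, UpgradeProposal] = {}
        self.active_implementation = "validator_v1"   # assumed current implementation label

    def propose(self, signer: str, new_implementation: str, now: int) -> int:
        self._require_signer(signer)
        pid = len(self.proposals) + 1
        self.proposals[pid] = UpgradeProposal(new_implementation, now, {signer})
        return pid

    def approve(self, signer: str, pid: int) -> int:
        """Record an approval; returns the number of distinct approving signers."""
        self._require_signer(signer)
        proposal = self._pending(pid)
        proposal.approvals.add(signer)   # a set: the same key approving twice still counts once
        return len(proposal.approvals)

    def execute(self, pid: int, now: int) -> str:
        """Apply the upgrade only when both the threshold and the timelock are satisfied."""
        proposal = self._pending(pid)
        if len(proposal.approvals) < self.threshold:
            raise UpgradeDenied(f"{len(proposal.approvals)} of {self.threshold} required approvals")
        ready_at = proposal.proposed_at + self.delay
        if now < ready_at:
            raise UpgradeDenied(f"timelock: {ready_at - now}s remaining")
        proposal.executed = True
        self.active_implementation = proposal.new_implementation
        return self.active_implementation

    def pending(self, now: int) -> List[dict]:
        """Monitoring view: queued upgrades and when each becomes executable."""
        return [{"id": pid, "implementation": p.new_implementation,
                 "approvals": len(p.approvals), "executable_at": p.proposed_at + self.delay,
                 "seconds_left": max(0, p.proposed_at + self.delay - now)}
                for pid, p in self.proposals.items() if not p.executed]

    def _require_signer(self, signer: str) -> None:
        if signer not in self.signers:
            raise UpgradeDenied(f"unknown signer {signer!r}")

    def _pending(self, pid: int) -> UpgradeProposal:
        proposal = self.proposals.get(pid)
        if proposal is None or proposal.executed:
            raise UpgradeDenied(f"no pending proposal {pid}")
        return proposal


def single_key_scenario() -> dict:
    """One compromised signer ('keyA', assumed name) tries to push a validator upgrade alone."""
    ctl = UpgradeController({"keyA", "keyB", "keyC"}, threshold=2, delay=48 * 3600)
    t0 = 1_000_000
    pid = ctl.propose("keyA", "validator_attacker", t0)
    ctl.approve("keyA", pid)             # re-approving with the same key adds nothing
    outcome = {}
    try:
        ctl.execute(pid, t0 + 1)
    except UpgradeDenied as err:
        outcome["alone"] = str(err)      # blocked: 1 of 2 required approvals
    ctl.approve("keyB", pid)             # a second key approves
    try:
        ctl.execute(pid, t0 + 1)
    except UpgradeDenied as err:
        outcome["before_delay"] = str(err)   # blocked: timelock still running
    outcome["pending"] = ctl.pending(t0 + 1)  # what a watcher would see during the delay
    outcome["after_delay"] = ctl.execute(pid, t0 + 48 * 3600)
    return outcome


if __name__ == "__main__":
    for key, value in single_key_scenario().items():
        print(f"{key}: {value}")
```

The two checks fail independently: a lone key is stopped by the threshold, and even a full set of approvals is stopped by the delay, during which `pending()` exposes the queued implementation to anyone watching.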

YieldBlox ate a $10.97M oracle manipulation because USTRY traded in a vacuum. The attacker found an illiquid USTRY/USDC market with effectively no depth, pushed the price 100× with one abnormal trade, and let a VWAP oracle treat that print like truth. Then they deposited USTRY as “valuable” collateral and borrowed $10.97M in USDC and XLM from the community-managed pool, leaving bad debt behind. Validators froze a chunk of the XLM and a bounty message went on-chain, but the attacker’s reply was the only one that matters: keep bridging, keep laundering. (Read more)

Deep Dives

Agentic AI Security Risks in Web3: What Protocols Need to Know in 2026 (13 min read)
AI agents don’t need to be hacked to lose your money, they just need permission. Once an agent can read untrusted data and also move funds, prompt injection, malicious tools, or bad logic can turn it into a self-operating exploit. The real failure isn’t the model, it’s giving it keys, authority, and no hard limits.

The RPC Bottleneck in EVM Security Learning (5 min read)
Learn EVM Attacks turned exploit reproduction into a fully local process, removing RPC dependencies by caching on-chain state and replaying attacks offline with deterministic results. This eliminates broken tests, rate limits, and setup friction, turning security research from infrastructure juggling into pure exploit analysis.

Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks (34 min read)
North Korean operators are scaling a factory-style supply chain attack, pushing hundreds of malicious npm packages disguised as harmless dev tools and test assignments. The real exploit isn’t the package, it’s the hiring process, where developers voluntarily run malware during “interviews.” Once installed, payloads escalate into full system compromise, targeting browser data, wallet extensions, and sensitive files across environments.

Yieldblox $10M Hack (Oracle Manipulation - Explained) (7 min read)
A single trade turned a $1 asset into $106, and the oracle believed it. YieldBlox trusted a VWAP feed from a market with effectively zero liquidity, letting attackers inflate collateral and drain over $10M in USDC and XLM.
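The mechanism behind both YieldBlox items above (and the WooFi flashback later in this issue) is a VWAP that has no notion of how much volume stood behind the prints it averaged. The following added example, not YieldBlox's or Rekt's code, models a naive VWAP next to a guarded one that refuses a reading when the window is too thin, when a single trade dominates it, or when the result strays too far from a slower anchor price; all trade prices and volumes, the thresholds, the anchor price, the 10,000-unit collateral deposit and the 80% LTV are constructed.

```python
"""Thin-market VWAP failure and a guarded oracle. Constructed data, not YieldBlox code."""
from dataclasses import dataclass, field
from typing import List, Optional, Sequence


@dataclass(frozen=True)
class Trade:
    price: float   # quote units (USDC) paid per unit of the collateral asset
    volume: float  # units of the collateral asset traded


def vwap(trades: Sequence[Trade]) -> float:
    """Volume-weighted average price of a trade window: sum(p*v) / sum(v)."""
    total_volume = sum(t.volume for t in trades)
    if total_volume <= 0:
        raise ValueError("empty window")
    return sum(t.price * t.volume for t in trades) / total_volume


@dataclass
class OracleReading:
    price: Optional[float]                       # None when the reading was rejected
    rejections: List[str] = field(default_factory=list)


@dataclass(frozen=True)
class GuardedVwapOracle:
    """VWAP with the sanity checks a thin market needs before one print is trusted."""
    reference_price: float    # slow anchor (long TWAP or independent feed); assumed available
    min_window_volume: float  # reject windows with less traded volume than this
    max_trade_share: float    # reject if one trade supplied more than this share of the volume
    max_deviation: float      # reject if the VWAP strays more than this fraction from the anchor

    def read(self, trades: Sequence[Trade]) -> OracleReading:
        reading = OracleReading(price=None)
        if not trades:
            reading.rejections.append("no trades in window")
            return reading
        total_volume = sum(t.volume for t in trades)
        candidate = vwap(trades)
        if total_volume < self.min_window_volume:
            reading.rejections.append(
                f"window volume {total_volume:g} below minimum {self.min_window_volume:g}")
        largest_share = max(t.volume for t in trades) / total_volume
        if largest_share > self.max_trade_share:
            reading.rejections.append(f"single trade supplied {largest_share:.0%} of window volume")
        deviation = abs(candidate - self.reference_price) / self.reference_price
        if deviation > self.max_deviation:
            reading.rejections.append(
                f"VWAP {candidate:.2f} deviates {deviation:.0%} from anchor {self.reference_price:.2f}")
        if not reading.rejections:
            reading.price = candidate
        return reading


def borrow_limit(collateral_units: float, price: float, ltv: float) -> float:
    """Maximum debt (quote units) a lender extends against the collateral at this price."""
    return collateral_units * price * ltv


# Constructed thin market: three small honest prints near $1, then one abnormal print at $106
HONEST_TRADES = [Trade(1.00, 500), Trade(1.01, 300), Trade(0.99, 200)]
ABNORMAL_TRADE = Trade(106.00, 1000)
MANIPULATED_WINDOW = HONEST_TRADES + [ABNORMAL_TRADE]
# Constructed deep market: forty prints of 5,000 units cycling through $0.99 / $1.00 / $1.01
LIQUID_WINDOW = [Trade(round(1.00 + (i % 3 - 1) * 0.01, 2), 5000) for i in range(40)]

GUARDED = GuardedVwapOracle(reference_price=1.00, min_window_volume=50_000,
                            max_trade_share=0.25, max_deviation=0.05)


def compare(collateral_units: float = 10_000, ltv: float = 0.8) -> dict:
    """Borrow limits for the same collateral under the naive and the guarded oracle."""
    naive_price = vwap(MANIPULATED_WINDOW)
    guarded = GUARDED.read(MANIPULATED_WINDOW)
    return {
        "naive_price": naive_price,
        "naive_borrow": borrow_limit(collateral_units, naive_price, ltv),
        "guarded_price": guarded.price,            # None: the lender must not lend on this
        "guarded_rejections": guarded.rejections,
        "anchor_borrow": borrow_limit(collateral_units, GUARDED.reference_price, ltv),
    }


if __name__ == "__main__":
    for key, value in compare().items():
        print(f"{key}: {value}")
    print("liquid window:", GUARDED.read(LIQUID_WINDOW))
    print("liquid window + spike:", GUARDED.read(LIQUID_WINDOW + [ABNORMAL_TRADE]))
```

On the thin window all three checks fire at once, so the guarded oracle returns no price and the lender has nothing to lend against; on the deep window the honest prints pass, and the same $106 print is still caught by the deviation check even though its volume share is small.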

In-Depth Security Risk Analysis of the Fingerprint Browser Industry (40 min read)
Fingerprint browsers promise isolation, but in practice they concentrate wallets, sessions, and credentials into a single point of failure. Audits show systemic flaws - from insecure Electron configs and exposed local APIs to hijackable extension stores - that turn minor bugs into full compromise.

Rekt Security Summit

We’re looking forward to welcoming you to the Rekt Security Summit - one day with the researchers, auditors, white hats, and exploit investigators who actually document where crypto breaks.

March 27, 2026

Cannes

Other Security Stories

ZachXBT exposes alleged insider abuse at Axiom involving private wallet tracking. The investigation claims an employee used internal tools to monitor user wallets, map high-value traders, and discuss profit strategies based on that access, raising serious concerns about data misuse and weak internal controls.

AI-assisted brute-force campaign compromises 600+ firewalls globally. Instead of using exploits, the attacker targeted exposed FortiGate interfaces with weak credentials, then used AI to automate recon, map networks, and plan lateral movement, turning basic access into full-scale intrusion across 55 countries.

Predator spyware turns off iPhone’s “you’re being watched” lights. By hijacking system-level indicators, it records camera and microphone activity without showing the green or orange dots, leaving users completely blind to active surveillance.

Supply chain worm spreads through npm and hijacks developer identities. Malicious packages steal keys, tokens, and secrets, then propagate via compromised npm and GitHub accounts while injecting prompt exploits into AI coding tools to expand access and persistence.

Pig-butchering scams turn relationships into extraction pipelines. Fraudsters spend weeks or months building trust, then funnel victims into fake crypto platforms that show profits, push bigger deposits, and finally lock withdrawals while funds disappear through laundering networks.

Audited Last Month

Halborn audited Huma Finance’s updated Solana lending protocol components, including redemption request handling, pool configuration reallocation, and Sentinel-assisted auto-redemption logic. The three-day review reported 4 total findings with no critical, high, or medium issues, identifying one low-severity risk around pool configuration reallocation potentially causing inconsistent state, alongside informational concerns on delegation validation gaps, potential denial-of-service for non-migrated pools, and operational constraints requiring delegation approval for certain deposit flows.

Hacken audited S3 Markets’ ERC-1155-based environmental asset system, including custody vaults, transfer gating, and upgradeable proxy flows. The assessment reported 19 total findings with 2 high, 1 medium, and 1 low-severity issues, all resolved, primarily covering risks around funds loss via direct transfers, token lock/burn edge cases, transfer gate bypass scenarios, and authorization gaps, while also highlighting broader structural concerns around centralized minting authority, upgradeability controls, and reliance on privileged roles.

Nethermind audited Mellow Finance’s SyncDepositQueue, and the Solidity review reported zero findings across the critical, high, medium, low, informational, and best-practice categories, with notes focused on process hygiene (clear client-provided system overview, strong test execution) and a suggestion to improve developer-facing documentation via more complete NatSpec and inline parameter explanations.

Halborn audited Kite’s staking and rewards contracts, reporting 9 findings including 2 critical issues around reward-vault drainage via reentrancy and incorrect uptime initialization enabling excess reward claims. All issues were fixed, with mitigations focused on enforcing proper state updates, reentrancy protection, and improved uptime accounting.

Cantina audited Ondo Finance’s RWA limit order system, covering batch execution, quote calculation logic, and order settlement flows. The review reported no critical or high-severity issues, with 2 low-risk findings and 3 informational issues, highlighting edge-case risks around batch order DoS via atomic execution design, zero-value rounding scenarios, and partial-fill refund handling trade-offs.

Rekt Flashback

Two years ago, WooFi learned that custom oracle designs don’t fail loudly, they fail expensively. A flash loan on Arbitrum pushed WOO’s price out of range, slipped past incomplete fallback checks, and let an attacker drain $8.5M while the system treated a broken price as truth. Same oracle manipulation pattern, same thin liquidity setup, same “audited” reassurance that didn’t matter once the assumptions collapsed.

Memes and Videos

Inside China’s Secret Military Hacking Headquarters

China didn’t just hack systems, it industrialized stealing them. PLA-backed crews lifted source code, identities, and trade secrets at scale, turning breaches into long-term economic weapons. This isn’t espionage, it’s supply chain theft for innovation, and the bill is measured in trillions.

Source: Blueprint

Source: alancarroII

Want to partner with us?

Skip the bots, hit the brains.

Get your message in front of the sharpest, most battle-tested crowd in crypto.

If they notice you, the whole space will. [Partner with us]

We provide an anonymous platform for whistleblowers and DeFi detectives to present their information to the community. All authors remain anonymous. 
We are all rekt.
