Monday, February 23, 2026

Access is being granted faster than it’s being understood, agents are learning you before you can secure them, and the next failures are starting where systems act on inputs nobody verified.

This week:

• AI agents became identity attack surfaces, with infostealers stealing memory, credentials, and behavior while poisoned skills and prompt injections rewrote what they trust.

• One missing multiplication wiped $1.78M, as bots liquidated instantly while AI review, humans, and governance all approved broken code.

• The new attack surface isn’t just contracts or infrastructure, it’s the data, memory, and assumptions feeding them, the places where systems act with confidence on inputs that were never actually true.

When agents learn you, price feeds lie, and nobody double-checks the math, crypto doesn’t break at the edge. It breaks inside the systems you already trust.

• AI agents became identity attack surfaces. Infostealers evolved from grabbing passwords to exfiltrating OpenClaw environments, stealing gateway tokens, signing keys, and memory files that map how users think, work, and interact. At the same time, roughly 20% of the ClawHub ecosystem was poisoned with malicious skills, while prompt injection campaigns quietly rewrote agent memory and trust assumptions. (Read more)

• One missing multiplication triggered a $1.78M liquidation cascade. Moonwell deployed an oracle that priced cbETH at $1.12 instead of ~$2,200 after skipping the ETH/USD conversion, and bots immediately liquidated positions within the same block. The code passed AI review, human review, and a 99% governance vote, while a five-day timelock made fixes irrelevant in real time. (Read more)

When AI Exploits Better Than Defends: What OpenAI's EVMbench Means for Web3 Security (6 min read)
OpenAI’s EVMbench shows AI agents succeed at exploiting contracts far more often than they can detect or patch them, turning attacks into a fast, repeatable process. Static audits can’t keep up once contracts go live, where composability and cross-chain interactions create new failure paths. Security is shifting from pre-deploy checks to runtime enforcement.

Deepfakes & Billion-Dollar Heists: The Lazarus Group Act (10 min read)
North Korea’s Lazarus Group is turning video calls into attack surfaces, using deepfake Zoom meetings and fake “audio fixes” to install malware and take over devices. The real exploit isn’t code but trust, hijacked accounts, familiar faces, and urgency that pushes victims to execute the payload themselves.

Solana Upgrade Patterns: Security Guide for 2026 (24 min read)
Solana made contracts upgradeable by default, and turned the upgrade key into one of the most dangerous pieces of infrastructure in crypto. From single-key compromises to DAO delays and “ghost state” bugs, the biggest risks now come from who controls upgrades and how new code interprets old data.

The Enterprise DLT Oracle Challenge (6 min read)
Smart contracts execute perfectly, until the data feeding them is wrong. Enterprises don’t fail at logic, they fail at trusting inputs that trigger real-world consequences like payments, settlements, and legal obligations. Decentralized oracles solve price feeds, but break on accountability, privacy, and latency when real businesses are involved.

How Intent-Based Lending Changes DeFi Risk? (12 min read)
DeFi lending is moving off-chain, replacing pooled liquidity with signed intents and solver-driven matching. Capital stays in user wallets until settlement, but that shift introduces new risks across the intent-to-execution pipeline. Solvers gain power, timing gaps open, and failures now come from stale oracles, replayed signatures, and manipulated matches rather than pool math.

OpenClaw agents are becoming a new target for infostealers. Malware is now exfiltrating config files, API keys, and private memory from local AI assistants, turning them into full identity takeovers.

ZeroDayRAT turns your phone into a live surveillance feed. The mobile spyware steals messages, crypto, and 2FA codes while running clipboard hijacks, giving attackers full control the moment you tap a malicious link.

Hardware wallet users are getting phished through physical mail. Fake Ledger and Trezor letters with QR codes push “security checks” that trick victims into entering seed phrases and handing over their funds.

OpenAI’s KYC provider is accused of quietly feeding user data to government systems. Investigation-linked code suggests identity checks, including crypto addresses, may be screened, tagged, and persistently monitored without users realizing it.

Wrench attacks are turning crypto into a physical security problem. Experts warn kidnappings, torture, and home invasions are rising, and the best defense isn’t fighting, it’s awareness, low visibility, and giving up funds before things escalate.

Senior Security Program Manager, Keyrock, Remote (EU, US)

Chief Information Security Officer, Binance, Greece, Remote

Security Engineer, LayerZero, Vancouver, BC

Senior Offensive Security Engineer, BitMEX, Asia, Remote

Security Governance Lead, Sui Foundation, United States, Remote

Three years ago, DeFi learned that “doxxed teams” and multisigs don’t stop rugs, they just make them look more legitimate. Hope Finance lost $1.86M after a multisig-approved “rogue dev” pushed a fake router, rerouted swaps into a personal wallet, and quietly bridged the funds to Tornado Cash while the team blamed each other in public. Same pattern every cycle: the trust setup looks solid on paper, right until it signs the transaction that drains you.

Stolen crypto doesn’t sit in wallets, it shows up as Lambos, watches, and Miami mansions. Telegram brokers turn hacked funds into “normal life,” routing dirty coins through jets, rentals, and middlemen who sell status for a cut. It works until it doesn’t - because every flex leaves a trail, and eventually the chain hits back.

Skip the bots, hit the brains.

Get your message in front of the sharpest, most battle-tested crowd in crypto.

If they notice you, the whole space will. [Partner with us]

We provide an anonymous platform for whistleblowers and DeFi detectives to present their information to the community. All authors remain anonymous. 
We are all rekt.