y0news
AnalyticsDigestsSourcesTopicsRSSAICrypto

#smart-contract-security News & Analysis

31 articles tagged with #smart-contract-security. AI-curated summaries with sentiment analysis and key takeaways from 50+ sources.

31 articles
DeFiBearishBitcoinist · Jun 227/10
💎

Infamous MEV Bot JaredFromSubway Drained For $7.5 Million

The MEV bot JaredFromSubway lost $7.5 million after attackers exploited malicious token approvals to drain assets from its smart contract. This incident highlights persistent security vulnerabilities in automated trading bots and the risks of unlimited token permissions on blockchain protocols.

Infamous MEV Bot JaredFromSubway Drained For $7.5 Million
$ETH
CryptoBullishNewsBTC · Jun 217/10
⛓️

Ethereum Foundation Details Clear Signing Wallet Standards to Combat Phishing

The Ethereum Foundation has proposed new standards for clear signing in Web3 wallets to replace blind signing, making transactions human-readable and reducing phishing vulnerabilities. This initiative addresses a critical security gap where users cannot verify transaction details before approval, protecting them from malicious contract interactions.

Ethereum Foundation Details Clear Signing Wallet Standards to Combat Phishing
$ETH
DeFiBearishCoinDesk · Jun 217/10
💎

Ethereum's biggest 'sandwich' bot drained of $7.5 million in ironic exploit

A sophisticated attacker exploited Jaredfromsubway.eth, a prominent Ethereum MEV bot operator, by tricking them into approving fraudulent trading routes and subsequently draining $7.5 million in WETH, USDC, and USDT. The exploit highlights vulnerabilities in smart contract approval mechanisms and demonstrates that even experienced DeFi participants remain susceptible to social engineering and signature manipulation attacks.

Ethereum's biggest 'sandwich' bot drained of $7.5 million in ironic exploit
$ETH
DeFiBearishcrypto.news · Jun 217/10
💎

JaredFromSubway MEV bot gets drained in $7.5m approval trap

A MEV bot named JaredFromSubway lost $7.5 million in WETH, USDC, and USDT after an attacker exploited token approval vulnerabilities to drain its Ethereum contract. The incident highlights critical smart contract security risks in the MEV bot ecosystem where token approvals can be weaponized to siphon assets.

JaredFromSubway MEV bot gets drained in $7.5m approval trap
$ETH
DeFiBearishNewsBTC · Jun 197/10
💎

Aztec Legacy Exploit Shows The Long Tail Risk Of Deprecated Crypto Contracts

The Aztec Connect protocol experienced a significant security exploit, with SlowMist's analysis revealing critical vulnerabilities in deprecated smart contracts. The incident underscores systemic risks when blockchain protocols remain immutable and unpatched after being sunset, creating long-tail security exposure for users and the ecosystem.

Aztec Legacy Exploit Shows The Long Tail Risk Of Deprecated Crypto Contracts
DeFiBearishNewsBTC · Jun 117/10
💎

Crypto Hackers Drain Over $36M From Protocols Using Unverified Contracts

Hackers exploited unverified smart contracts to steal over $36 million across four DeFi protocols in six months, with a single Truebit attack netting $26 million. The attacks highlight a critical security gap: contracts without public source code verification bypass standard review processes, allowing attackers to decompile bytecode and use AI tools to identify exploitable vulnerabilities at scale.

Crypto Hackers Drain Over $36M From Protocols Using Unverified Contracts
$BTC$ETH
DeFiBearishProtos · Jun 107/10
💎

Raydium’s old liquidity pools exploited for $1.3 million

Raydium, a major Solana-based decentralized exchange, experienced a $1.3 million exploit targeting its legacy liquidity pools, with attackers successfully draining SOL, USDC, and RAY tokens. The incident highlights ongoing security vulnerabilities in DeFi protocols, even among established platforms, and raises concerns about the safety of older pool infrastructure.

Raydium’s old liquidity pools exploited for $1.3 million
$SOL
DeFiBearishcrypto.news · Jun 97/10
💎

Token of Power exploit drains $1.58M from Balancer pool

Token of Power (TOP) experienced a significant exploit on Tuesday that resulted in $1.58 million being drained from its Balancer V1 liquidity pool. Multiple on-chain security firms including Blockaid, PeckShield, and Cyvers identified and reported the attack, highlighting ongoing vulnerabilities in decentralized finance protocols.

Token of Power exploit drains $1.58M from Balancer pool
AI × CryptoBullisharXiv – CS AI · Jun 57/10
🤖

AttackPathGNN: Cross-function vulnerability detection in smart contracts using state interference graphs and conjunction pooling

Researchers introduce AttackPathGNN, a graph neural network that detects smart contract vulnerabilities by analyzing relationships between functions rather than isolated code patterns. The method achieves 92.3% F1 score on test datasets and identifies exploits like reentrancy that existing detectors miss, addressing security gaps exposed by historical attacks like The DAO.

DeFiBearishBankless · Jun 17/10
💎

Gnosis Pay Hit with Module Attack

Gnosis Pay experienced a module-based security attack that compromised user funds, though the platform has committed to reimbursing affected victims. The incident raises significant questions about the robustness of the underlying smart contract architecture and module validation mechanisms.

Gnosis Pay Hit with Module Attack
DeFiBearishProtos · Jun 17/10
💎

Rough weekend for DeFi: Four hacks, three outages, one warning

DeFi experienced a tumultuous weekend marked by four separate hacks, multiple Sui network outages, and a crypto card-related warning that extended market anxiety into the week. These incidents collectively highlight persistent security vulnerabilities and infrastructure fragility across decentralized finance protocols.

Rough weekend for DeFi: Four hacks, three outages, one warning
AI × CryptoBearishFortune Crypto · Jun 17/10
🤖

Financial fraud in an era of blockchain and AI

The article examines how blockchain and AI technologies present dual-edged implications for the U.S. financial system, offering transformative opportunities while simultaneously creating new fraud risks and systemic vulnerabilities that regulators and institutions must address.

Financial fraud in an era of blockchain and AI
DeFiBearishcrypto.news · May 297/10
💎

DxSale exploit drains $7.3M in BNB through hidden contract backdoor

DxSale, a liquidity locker platform on BNB Chain, lost $7.3 million in BNB after attackers exploited a hidden backdoor in its smart contract to drain funds from over 1,400 liquidity providers. The incident highlights critical security vulnerabilities in DeFi infrastructure and raises concerns about contract auditing practices.

DxSale exploit drains $7.3M in BNB through hidden contract backdoor
$BNB
AI × CryptoNeutralCrypto Briefing · May 277/10
🤖

A16z crypto study shows AI agents can detect DeFi exploits, but executing them is another story

A16z's research demonstrates that AI agents can successfully identify vulnerabilities in DeFi protocols, but face significant practical and technical barriers when attempting to exploit them. The findings underscore the dual-edged nature of AI in blockchain security and highlight the critical importance of developing containment measures to mitigate potential misuse by malicious actors.

A16z crypto study shows AI agents can detect DeFi exploits, but executing them is another story
AI × CryptoBullisharXiv – CS AI · May 127/10
🤖

CHAINTRIX: A multi-pipeline LLM-augmented framework for automated smart-contract security auditing

Researchers introduce Chaintrix, an LLM-augmented smart-contract auditing framework that combines AI analysis with deterministic structural verification to reduce false positives. The system achieves 71.7% recall on high-severity vulnerabilities, outperforming existing AI and static analysis tools by 26 percentage points on OpenAI's EVMbench benchmark.

🏢 OpenAI
DeFiBearishDecrypt – AI · May 47/10
💎

Aave Fights to Unfreeze $71 Million as Kelp DAO Hack Spills Into Court

Aave is fighting in federal court to unfreeze $71 million in recovery funds stemming from the Kelp DAO hack, raising a critical legal question about whether seized crypto assets can be used to satisfy unrelated judgments. The case will set precedent for how DeFi protocols and recovery mechanisms interact with the traditional legal system.

Aave Fights to Unfreeze $71 Million as Kelp DAO Hack Spills Into Court
$AAVE
DeFiBullishBlockonomi · May 27/10
💎

Sui Blockchain Is Rewriting the Rules of Transaction Speed, Security, and Institutional DeFi

Sui blockchain introduces a parallel transaction model using an object-based architecture that eliminates sequential processing bottlenecks, while its Move programming language enhances smart contract security. The platform's quantum-safe cryptography positions it as a more secure alternative to older blockchains like Ethereum and Solana for institutional DeFi applications.

$ETH$SOL
DeFiBearishBlockonomi · Apr 177/10
💎

Rhea Finance Hack Shakes DeFi as $7.6M Drained Through Fake Liquidity Trap

Rhea Finance suffered a $7.6 million exploit through a sophisticated attack involving fake token contracts and manipulated liquidity pools that deceived the protocol's Oracle mechanisms. The attackers extracted funds by creating artificial liquidity traps, prompting Rhea Finance to pause all contracts while investigating the incident with security partners.

CryptoBullishThe Block · Apr 147/10
⛓️

Ethereum Foundation launches $1 million crypto security subsidy, providing access to over 20 audit firms

The Ethereum Foundation has launched a $1 million security subsidy program in partnership with Areta's audit marketplace, granting developers access to over 20 vetted security firms including Blocksec, Certora, Hacken, Immunefi, and Quantstamp. This initiative aims to reduce barriers to smart contract auditing and strengthen the overall security posture of the Ethereum ecosystem.

Ethereum Foundation launches $1 million crypto security subsidy, providing access to over 20 audit firms
$ETH
CryptoNeutralBitcoinist · Apr 117/10
⛓️

Global Authorities Move Against Crypto Phishing, 20K Victims Revealed

International authorities from the US, UK, and Canada have dismantled a major crypto phishing operation affecting over 20,000 victims, freezing $12 million in suspected criminal proceeds and identifying $45 million in total cryptocurrency fraud. The coordinated crackdown targets approval phishing scams, a prevalent vector for stealing digital assets from unsuspecting users.

Global Authorities Move Against Crypto Phishing, 20K Victims Revealed
DeFiBearishBankless · Apr 107/10
💎

Can DeFi Survives Mythos?

The article examines critical vulnerabilities threatening DeFi's sustainability, exploring the existential risks users face in decentralized finance and evaluating emerging mitigation strategies. The piece highlights systemic challenges that could determine whether DeFi survives as a viable ecosystem or collapses under its own complexities.

Can DeFi Survives Mythos?
AI × CryptoBearishProtos · Jun 96/10
🤖

Anthropic’s public Claude Fable release has crypto on edge

Anthropic has publicly released Claude Fable 5, an AI software that has generated concern within the cryptocurrency community about potential negative consequences for internet infrastructure and security. The release has sparked discussions about the implications of advanced AI capabilities intersecting with crypto ecosystems.

Anthropic’s public Claude Fable release has crypto on edge
🏢 Anthropic🧠 Claude
CryptoNeutralBitcoinist · Jun 16/10
⛓️

Crypto Exploit Losses Reach $68 Million In May Despite Limited Phishing Damage

Cryptocurrency exploit losses declined significantly to $68 million in May, down from $650 million in the prior month, with code vulnerabilities accounting for approximately 66% of losses. The sharp drop suggests improved security measures and reduced attack surface, though developers remain vulnerable to smart contract flaws.

Crypto Exploit Losses Reach $68 Million In May Despite Limited Phishing Damage
Page 1 of 2Next →