News
25 May 2026, 13:10
Squid Protocol Says $3.2M Exploit Targeted Third-Party Module, Not Core System

BitcoinWorld Squid Protocol Says $3.2M Exploit Targeted Third-Party Module, Not Core System Cross-chain protocol Squid has moved to clarify the details surrounding a recent security incident that resulted in the loss of approximately $3.2 million in digital assets. In a statement released to the community, the project emphasized that the exploited contract, identified as the ‘SquidRouterModule,’ was not developed, deployed, or operated by Squid itself. Understanding the Attack Vector The compromised contract, according to Squid, is a third-party module built on top of Gnosis Safe. The protocol explained that this module is structurally distinct from its own router contract. The attacker reportedly exploited a vulnerability in the module’s public fixed-string verification function, allowing them to execute arbitrary call data and drain funds from affected wallets. Squid clarified that the affected Gnosis Safes had previously registered the module as a trusted module. This registration status enabled the attacker to initiate asset transfers without requiring additional signatures from the wallet owners, effectively bypassing standard security checks. Impact Assessment and User Safety The company was explicit in its assessment: its core router contracts, user funds, approvals, and integrated services were not compromised. This distinction is critical for users who may have been concerned about the safety of their assets held directly through Squid’s platform. The incident highlights a growing complexity in the DeFi ecosystem, where the use of third-party modules and smart contract integrations can introduce unforeseen risks. While Squid’s core protocol remains secure, the event serves as a reminder that the broader infrastructure users rely on—such as wallet-level modules—can become attack vectors. What This Means for DeFi Users For users of Gnosis Safe and similar multi-signature wallets, this incident underscores the importance of auditing and understanding every module or app connected to their wallet. Registering a module as trusted grants it significant permissions, and any vulnerability in that module can have severe consequences. Squid has not indicated any plans for a user reimbursement program, as the protocol itself was not directly responsible for the exploit. The affected funds were lost from wallets that had voluntarily integrated the third-party module. Conclusion The $3.2 million exploit is a cautionary tale about the layered security risks present in decentralized finance. While Squid’s core infrastructure remains intact, the incident demonstrates that security in DeFi is only as strong as the weakest link in a user’s personal stack of integrated tools and modules. Users are advised to regularly review and revoke permissions for any modules or contracts that are no longer actively used. FAQs Q1: Were Squid’s own contracts or user funds affected by the exploit? No. Squid has confirmed that its core router contracts, user funds, and approvals were not impacted. The exploit occurred in a third-party module built on Gnosis Safe. Q2: How did the attacker manage to drain the funds? The attacker exploited a vulnerability in the module’s public fixed-string verification function to execute arbitrary call data. Because the module was registered as trusted on the affected Gnosis Safes, asset transfers could be made without additional signatures. Q3: Should users stop using Squid or Gnosis Safe after this incident? Not necessarily. Squid’s protocol remains secure. However, users should review all modules and apps connected to their wallets, revoke permissions for unused or unverified modules, and stay informed about the security practices of third-party integrations. This post Squid Protocol Says $3.2M Exploit Targeted Third-Party Module, Not Core System first appeared on BitcoinWorld .
25 May 2026, 12:56
Could Bitcoin Be Run by AI? It Eats Through Uber and Microsoft's Budgets in Months

Blockchain managed purely by AI is not a fantasy anymore: it's more than a possibility considering performance of modern agentic systems.
25 May 2026, 12:51
Why Has France Become the Most Dangerous Place to Hold Bitcoin?

France has become the main reported hotspot for violent physical attacks targeting cryptocurrency holders and their families, according to Bitcoin journalist Joe Nakamoto, who said about 70% of known global “wrench attacks” now occur in the country. Wrench attacks refer to physical violence, kidnapping, home invasion or extortion attempts aimed at forcing crypto holders to surrender private keys, wallet access or digital assets. The term has gained wider use as criminals increasingly target people believed to hold Bitcoin and other cryptocurrencies. Nakamoto said France has recorded 41 crypto-related kidnappings so far in 2026, equal to roughly one case every two and a half days. French authorities have also reported more than 40 cryptocurrency-linked kidnapping or hostage cases since January, according to figures cited by Le Monde. France Records Surge in Crypto Kidnappings French police have been investigating a wave of abductions and attempted kidnappings linked to cryptocurrency investors, executives, and their relatives. Officials said the trend began rising in late 2024, expanded in 2025 and continued into 2026. Several cases have drawn public attention. In January 2025, kidnappers abducted Ledger co-founder David Balland and his partner. Balland was later freed, but reports said his captors mutilated his hand and demanded a crypto ransom. In May 2026, the daughter of Paymium CEO Pierre Noizat escaped an attempted kidnapping in Paris. Video footage showed masked men trying to force her into a vehicle before she resisted with help from her husband. Another reported case involved the wife of The Sandbox co-founder Sebastien Borget. As we reported, she was targeted at the couple’s home in Villenoy by suspects posing as delivery workers. Neighbors intervened after hearing her cries, and two suspects were later arrested. KYC Data and Target Selection Under Scrutiny Nakamoto linked the rise in attacks partly to know-your-customer data collection. He said sensitive customer records stored on centralized servers may have helped criminals identify crypto holders after past data leaks. One of the most cited examples is the 2020 Ledger customer data leak, which exposed names, home addresses and email addresses of more than 270,000 customers worldwide. The incident remains a reference point in debates over crypto privacy and physical security. Jameson Lopp, chief executive of Casa, said France has become a warning case for the sector. He argued that financial regulations can create large stores of personal data that may place Bitcoin holders at risk when compromised. Investigators have said the structure of the attacks varies. French officials have described cases in which organizers may operate from abroad while recruiting young people in France to carry out abductions, surveillance, or logistics. French media reports said some suspects arrested in recent kidnapping probes were minors, while many others were under 20. Authorities have accused suspects of involvement in organized kidnapping, criminal conspiracy, and related offenses. Authorities Increase Arrests and Security Response French authorities have arrested dozens of people linked to crypto kidnapping investigations. National prosecutor Vanessa Perrée said at least 88 individuals have been arrested in connection with crypto wrench attacks in France. In one recent operation, police arrested 24 suspects connected to multiple kidnapping cases. Reports said the Banditry Repression Brigade intercepted one attempted abduction, while other arrests followed a separate attempt involving the daughter of a crypto investor. The French Interior Ministry has met with crypto industry representatives to discuss security threats facing investors, founders, and executives. During Paris Blockchain Week 2026, Minister Delegate Jean-Didier Berger announced preventive measures, including a dedicated prevention platform. Security specialists have advised crypto holders to reduce public exposure. Common recommendations include avoiding public claims about holdings, limiting personal information online, using professional custody tools and creating emergency protocols with trusted service providers. Some custody firms offer security phrases that can alert staff when a client is being coerced. In such cases, a provider may freeze access or contact law enforcement. Other advisers suggest maintaining a decoy wallet with a small balance, though users are also warned that physical safety should come before asset protection.
25 May 2026, 12:25
Bhutan Sells $900M in Bitcoin Over 11 Months at Average Price of $98K, On-Chain Data Shows

BitcoinWorld Bhutan Sells $900M in Bitcoin Over 11 Months at Average Price of $98K, On-Chain Data Shows The Royal Government of Bhutan has gradually sold approximately 9,180 Bitcoin (BTC) over the past 11 months, generating around $900 million in proceeds, according to on-chain data tracked by blockchain analytics firm EmberCN. The average selling price across these transactions was calculated to be roughly $98,067 per Bitcoin. Timeline of Bhutan’s Bitcoin Sales Data from EmberCN reveals that Bhutan’s Bitcoin holdings peaked at roughly 12,200 BTC in early 2025, coinciding with the cessation of the country’s state-backed mining operations. The government reportedly began its divestment process in earnest in June of the same year, executing a series of transactions over the subsequent months. Current Holdings and Market Context As of the latest on-chain data, the Bhutanese government holds approximately 3,021 BTC, valued at around $234 million at current market prices. This sale represents a significant reduction from the country’s peak holdings and provides a rare window into how a sovereign nation manages a large, publicly known cryptocurrency reserve. The average sale price of $98,067 is notable, as it is below Bitcoin’s all-time high, but still represents a substantial profit relative to the likely acquisition costs from mining operations. Implications for the Crypto Market Bhutan’s systematic sale of a large Bitcoin position over an extended period offers several key takeaways for market observers. First, the gradual nature of the sales likely minimized market impact, preventing a sharp price decline that a single large dump could cause. Second, the move provides a case study for other nations or institutions holding significant crypto assets, demonstrating a methodical approach to liquidation. Finally, the fact that the sales were tracked via on-chain data highlights the transparency of the Bitcoin blockchain, allowing for public verification of government transactions. Conclusion Bhutan’s $900 million Bitcoin sale, executed at an average price of $98,067 over 11 months, marks a significant chapter in the country’s foray into digital assets. While the government has substantially reduced its holdings, it still retains over 3,000 BTC. The methodical, publicly traceable nature of these transactions provides valuable data for analysts and underscores the unique transparency of on-chain markets. FAQs Q1: How much Bitcoin did Bhutan sell? A1: According to on-chain data from EmberCN, Bhutan sold approximately 9,180 BTC over 11 months. Q2: What was the average price Bhutan received for its Bitcoin? A2: The average selling price across all transactions was calculated to be around $98,067 per Bitcoin. Q3: How much Bitcoin does Bhutan still hold? A3: As of the latest data, the Bhutanese government holds about 3,021 BTC, valued at approximately $234 million. This post Bhutan Sells $900M in Bitcoin Over 11 Months at Average Price of $98K, On-Chain Data Shows first appeared on BitcoinWorld .
25 May 2026, 12:08
Kalshi’s $454M Crypto Volume Week Marks Complete Reversal of Polymarket’s Early-2026 Lead

At the start of this year, Polymarket was the dominant prediction market platform when it came to crypto-themed event contracts. Across the two largest prediction markets right now, Polymarket dominated the market share here with 91.11% in the first week of January. Roughly five months later, this command has flipped almost entirely in Kalshi’s favour. In week ending May 17, data from Artemis shows that Kalshi drew in $454.2 million in weekly crypto-category spot volume (a new all-time high) versus Polymarket’s $297.1 million, a 60.45% to 39.55% split on a combined $751.3 million week. The tilt in volume dominance within this category has been noticeable since February, and with each passing week, Kalshi is seemingly tightening its grip. This is not a story about a platform building a better product per se. Kalshi’s crypto markets winning at the moment is the same reason why its sports category is outpacing its rival. The regulated in the U.S. angle is a major reason for this swing. To compound this, over the last quarter, Polymarket has faced various regulatory battles that haven’t helped their volumes as well. How the Share Inverted in Five Months Kalshi’s first foray into crypto-based event contracts with noticeable volume came in and around the third quarter of 2024. After reaching a market share of 37.85% in November 2024, their share remained relatively flat throughout 2025 and did not cross 25% dominance in this category. Looking at the Artemis chart, the trend broke around February this year and since then, weekly crypto spot volume has gone vertical for Kalshi. Polymarket, meanwhile, hasn’t lost volume in absolute terms, it’s just stopped growing. Holding $297M while Kalshi added an extra $400M of weekly turnover is the kind of stagnation that only looks bad in relative terms, and relative terms are what matters when you’re competing for the same liquidity. TRON, Coatue and the CNN/CNBC Push A few specific catalysts pulled the curve up. The TRON integration in December last year opened native USDT deposits directly into Kalshi accounts, which removed a big chunk of the friction that had previously pushed crypto-native traders toward Polymarket by default. The Coatue-led $1 billion raise at a $22 billion valuation then bankrolled an aggressive distribution push, with Kalshi event contracts now sitting inside Robinhood and WeBull where they’re being served to retail flow that has never touched a prediction market before. The CNN and CNBC partnerships added the final piece by giving Kalshi’s pricing a mainstream finance broadcast channel that Polymarket, as an offshore platform, structurally can’t match. Crypto markets on Kalshi are now quoted alongside equity products in places where retail discovers them passively, rather than having to seek them out. Polymarket’s Regulatory Quarter Did the Rest Polymarket has carried a much heavier regulatory load than Kalshi. The India block cut off a major user base, the Rhode Island AG suit added another state-level challenge, and even the shared blows, the House Oversight probe and the Ninth Circuit ruling on Nevada, land harder on a platform with offshore structure and a weaker US compliance posture. Each individually would be manageable. Stacked together, they create exactly the kind of jurisdictional uncertainty that pushes institutional and risk-averse retail volume toward the CFTC-regulated alternative sitting right next door. The 91% to 39% inversion lines up almost perfectly with this regulatory pressure window. Coincidence is possible, but the timing makes the cleaner explanation hard to ignore. Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free .
25 May 2026, 12:05
Ethereum Foundation Is “Not the Center of Ethereum,” Claims Vitalik Buterin

Ethereum co-founder, Vitalik Buterin, said the Ethereum Foundation (EF) is moving toward a smaller, more focused role within the broader ETH ecosystem. Amid growing concerns around EF, Buterin stated that the organization is “not a center of Ethereum” but rather “one node, with a defined purpose, alongside other nodes.” Smaller Ship In his latest X post, Buterin said the board is expanding and that his own influence within the organization will continue to decrease, which he described as something he wants. He noted that the foundation’s President Aya Miyaguchi has been carrying out much of the transition work, while his own involvement has mainly focused on technical matters. According to Buterin, the EF improved its operational efficiency and execution capabilities during 2025. However, he said he became increasingly concerned by criticism from people who questioned whether the EF’s actions truly reflected Ethereum’s stated values around decentralization, privacy, and acting as a “sanctuary technology.” According to Buterin, EF should not become a central authority, noting that the foundation controls only around 0.16% of the total ETH supply, compared to some competing blockchain foundations that reportedly control between 10% and 50% of their networks’ tokens. He also said the EF was originally created to complete a limited set of objectives tied to ETH’s early development phases, including Frontier, Homestead, Metropolis, and Serenity, which were completed in 2022. Buterin said the EF is now prioritizing longevity over expansion and focusing only on activities that are critical to Ethereum functioning as a censorship-resistant, open, private, and secure system. He went on to explain that this approach requires difficult decisions, including allowing respected contributors and important initiatives to exist outside the foundation to attract outside capital. He said Ethereum should avoid competing solely on speed and scalability metrics, adding that pursuing that path would lead to “mediocrity.” Instead, he said Ethereum should focus on goals such as creating a provably bug-free Ethereum through AI-assisted formal verification, improving consensus design, and reducing reliance on intermediaries in transaction inclusion. Buterin also said Ethereum’s long-term technical goals remain compatible with scaling improvements and high throughput through Layer 2 networks and other optimizations. “EF will be a smaller ship than in previous years, a more opinionated one – in some cases more opinionated in ways that might be difficult to comprehend – but a longer-lasting one, and one suited to making sure that Ethereum brings something meaningful to the world.” High-Profile Exits EF has faced growing scrutiny in recent months following a series of high-profile departures, including Tomasz Stańczak, Tim Beiko, Josh Stark, and Barnabé Monnot. Community discussions intensified as multiple exits occurred in a short period, prompting speculation about internal instability and disagreements over the Foundation’s evolving direction. ETH investor Ryan Berckmans asserted that the departures were mainly tied to differing strategic approaches, leadership transitions, and organizational restructuring rather than declining confidence in Ethereum itself. The post Ethereum Foundation Is “Not the Center of Ethereum,” Claims Vitalik Buterin appeared first on CryptoPotato .





































