News
26 May 2026, 13:57
Scammers exploit Google Ads route to steal $400K+ from Uniswap users

Fraudsters have successfully stolen $400,000+ by using sponsored Google ads to push fake websites ahead of the real platform. The scam is designed so that anyone searching for Uniswap on Google sees the false ad first. Users who have clicked the near-clones of Uniswap’s interface, connected their wallets, and approved just one transaction have lost everything. How the Uniswap phishing op bypassed Google’s safeguards As reported by Cryptopolitan , scammers managed to secure Google Ads slots for the keyword “Uniswap” and placed fraudulent websites as the top sponsored results. The phishing pages perfectly mimicked the UI of the legitimate site with deceptive URLs that appeared quite credible at first glance. ⚠️ALERT: $400K+ STOLEN: Scammers are buying @GoogleAds to rank FAKE @Uniswap sites ABOVE the real one When you search "Uniswap" – the TOP results are now phishing traps designed to drain your wallet @Google phishing attacks have EXPLODED since March according to onchain… pic.twitter.com/Jczz0nRSZ6 — Cryptopolitan (@CPOfficialtx) May 26, 2026 Sometimes, the fake copies were hosted on subdomains such as sites.google.com. The scammers avoided automatic moderation by using a valid URL in the ad preview and loading malware through a hidden secondary iframe. This was not caught by any Google verification tools. The traffic was then redirected to the servers of the attackers. Once the users logged into their wallets and confirmed the transaction, the fund drainer contract withdrew all tokens in a single irreversible blockchain operation. Sadly, the hardware wallet did not provide any protection since the malicious code was signed by the victims. According to blockchain data , two addresses held 146 ETH, valued at about $306,000 at the time of reporting. According to the Security Alliance (SEAL), there was a surge in Google phishing attacks with duplicate ads from March 13 to March 30, 2026. This led to the blocking of more than 356 malicious URLs, resulting in a total loss of $1.27 million. The phishing campaign has been around for over a year, with hackers moving to new domains after each takedown. In January 2026, over $370 million was lost due to crypto scams and exploits. Crypto traders struggle with verification tools The first community alert about the scam was shared by on-chain analyst b-block on May 25, 2026. The attacker’s web addresses and wallet addresses were identified, and users were advised to use only the official URLs for transactions and to cross-check them using DeFiLlama. The founder of Web3 marketing, Stacy Muur , highlighted the concern, saying, “It is insane that Google has been ignoring this problem for so long when fake links keep pushing real links, and users get drained.” To address this problem, DeFiLlama offered its LlamaSearch product, which maintains thousands of secure crypto web domains, as a Chrome extension and at search.defillama.com . Hayden Adams, the creator of Uniswap, has responded directly to this concern on X, and it is more about placing the blame on search engine platforms rather than on end users. Uniswap’s Hayden Adam calls for the end of the ad economy. Source: X According to analysts, the solution does not exist, as Google benefits from ad revenue but fails to be proactive in moderating such promotions. The community suggests three ways to address the situation: bookmark the legitimate Uniswap domain using its legitimate X account, avoid clicking sponsored links for any DeFi project, and validate each transaction approval. Uniswap’s expansion vote lies in wait Uniswap’s DAO has launched Proposal 96, which seeks to enable the UNIfication protocol fee collection and UNI token burn function to operate on three other highly trafficked chains—BNB Chain, Polygon, and Celo. This is in addition to the Ethereum mainnet, where it has already operated successfully since being rolled out at the end of December 2025. Vote: https://t.co/nA0bOlnmmU — Hayden Adams 🦄 (@haydenzadams) May 22, 2026 As reported by Cryptopolitan, Proposition 96, known as “Protocol Fee Expansion: Vote 3,” leverages the streamlined governance process set forth in the context of UNIfication. The proposal does not follow the request-for-comment (RFC) process; instead, it skips the 5-day snapshot vote and goes straight to an on-chain vote. Upon acceptance, the updates will be implemented using TokenJar contracts to collect protocol fees from newly added chains and distribute them via Firepit contracts for burning UNIs. The new expansion will bring the number to 11, beyond Ethereum’s mainnet, where protocol fees are active. Previous expansions included those on Arbitrum, Base, OP Mainnet, Soneium, X Layer, Worldchain, Zora, and an initial (but later corrected) Celo chain. If you're reading this, you’re already ahead. Stay there with our newsletter .
26 May 2026, 13:40
Anonymous User Burns 107 BTC Worth $8.2 Million in Five Transactions

BitcoinWorld Anonymous User Burns 107 BTC Worth $8.2 Million in Five Transactions In a striking event that has captured the attention of the cryptocurrency community, an anonymous user has permanently removed 107 Bitcoin (BTC) from circulation. The coins, valued at approximately $8.2 million at the time of the transaction, were sent to a known burn address across five separate transfers. This action effectively destroys the digital assets, as the receiving address is mathematically unspendable, lacking any known private key. The Mechanics of a Bitcoin Burn The address in question, 1111111111111111111114oLvT2 , is a well-known ‘burn address’ within the Bitcoin network. It is a vanity address that was intentionally created without a corresponding private key. Any Bitcoin sent to this address is considered provably unspendable and is permanently removed from the circulating supply. The act, often referred to as ‘burning,’ is a transparent and irreversible process recorded on the blockchain for anyone to verify. The five transactions, reported by Wu Blockchain, underscore the deliberate nature of the event, suggesting a planned action rather than a simple mistake. Implications for Bitcoin’s Supply and Market While the burning of 107 BTC is a significant amount, representing a substantial financial loss for the sender, its impact on the overall Bitcoin market is minimal. Bitcoin’s total circulating supply is approximately 19.6 million coins, with a capped maximum of 21 million. The removal of 107 coins represents a reduction of roughly 0.0005% of the total supply. However, such events are symbolically important within the Bitcoin ecosystem. They reinforce the principle of digital scarcity, a core tenet of Bitcoin’s value proposition. For some, burning Bitcoin is a form of protest, a charitable donation to the network by increasing the scarcity of all remaining coins, or simply a statement of conviction. Why Would Someone Burn Millions of Dollars? The motivations behind such a drastic action are a matter of speculation. While the sender’s identity and purpose remain unknown, several theories exist within the community. It could be a high-stakes publicity stunt, a way to permanently divest from Bitcoin without selling on an exchange, or an attempt to signal extreme long-term confidence in the asset by reducing its supply. Some view it as a ‘proof of burn’ mechanism, a concept used in some blockchain projects to validate transactions or demonstrate commitment. Without further information from the sender, the true reason remains a mystery, adding to the lore and unpredictability of the cryptocurrency space. Conclusion The burning of 107 BTC is a dramatic, verifiable event that highlights the unique properties of blockchain technology: transparency, irreversibility, and provable scarcity. While the immediate market effect is negligible, the act serves as a powerful reminder of Bitcoin’s fixed supply and the radical financial sovereignty it offers its users. The story will likely be discussed for its symbolic weight rather than its economic impact, contributing to the ongoing narrative of Bitcoin as a store of value in the digital age. FAQs Q1: What is a Bitcoin burn address? A Bitcoin burn address is a wallet address that has no known private key. Because the private key is unrecoverable, any Bitcoin sent to this address can never be accessed or spent, effectively removing it from circulation forever. Q2: Does burning Bitcoin affect its price? While burning a large amount of Bitcoin reduces the total supply, the impact on price is typically minimal unless a very large percentage of the circulating supply is destroyed. The price is more heavily influenced by trading volume, market sentiment, and macroeconomic factors. Q3: Is burning Bitcoin a common practice? No, burning large amounts of Bitcoin is rare due to the high financial cost. Smaller burns or ‘dust’ transactions are more common, but destroying millions of dollars worth of the asset is an unusual and newsworthy event. This post Anonymous User Burns 107 BTC Worth $8.2 Million in Five Transactions first appeared on BitcoinWorld .
26 May 2026, 13:02
Something Big Will Hit XRP Ledger On May 27. Here’s How to Prepare

The XRP Ledger is approaching a significant technical threshold. On May 27, a protocol-level amendment will be activated. Every node running a version below rippled 3.1.3 will be blocked. That means they will lose the ability to communicate with the rest of the network. This is not a routine software suggestion. It is a hard network requirement. What Is Happening on May 27? The rippled 3.1.3 update has been available for over a week. According to XRP validator Vet (@Vet_X0), only 40% of the network’s 846 nodes had upgraded as of May 17. The amendment carrying the fix inside 3.1.3 reaches its activation threshold on May 27. At that point, any node still running an older version stops participating in the network entirely. Vet confirmed in a follow-up post that the deadline is fixed. Exchanges have already been contacted, and the XRP community is now reaching out to DEX interfaces, NFT marketplaces, and other projects building on the ledger to ensure they upgrade in time. In 36h all nodes running a lower version than XRP Ledger 3.1.3 will get amendment blocked. In order to continue operations please update your nodes, including validators. It takes literally 2 minutes. https://t.co/uvZekl38OM — Vet (@Vet_X0) May 25, 2026 The Importance of this Upgrade Amendment blocking is a built-in consensus mechanism on the XRP Ledger. It enforces network-wide agreement on protocol rules. When a supermajority of validators support an amendment for two consecutive weeks, it’s automatically activated. Nodes that have not adopted the new rules cannot process transactions or remain in sync with the rest of the network. This mechanism exists to keep the ledger consistent while maintaining its decentralization . It pushes the ecosystem to move forward together rather than allowing fragmented versions to persist. The May 27 activation is the system working exactly as designed. We are on X, follow us to connect with us :- @TimesTabloid1 — TimesTabloid (@TimesTabloid1) June 15, 2025 What Node Operators Must Do Now The upgrade process is straightforward. Vet noted that updating “takes literally 2 minutes.” This update will also bring the ledger closer to version 3.2.0 , which many in the community are eagerly anticipating. Node operators, validators, exchanges, and project teams running infrastructure on the XRP Ledger need to update to rippled 3.1.3 before May 27. At press time, data from the network state dashboard shows that 484 nodes were running 3.1.3, bringing the total up to 57.4%. Another 197 remain on 3.1.2, 27 on 3.1.1, 53 on 3.1.0, 63 on 3.0.0, and 2 on 2.6.2. All of those will face amendment blocking if they do not act. Once the amendment activates and the network converges on 3.1.3, the XRP Ledger moves forward on a unified, patched protocol, preparing for XRP’s next phase of growth . Disclaimer : This content is meant to inform and should not be considered financial advice. The views expressed in this article may include the author’s personal opinions and do not represent Times Tabloid’s opinion. Readers are advised to conduct thorough research before making any investment decisions. Any action taken by the reader is strictly at their own risk. Times Tabloid is not responsible for any financial losses. Follow us on X , Facebook , Telegram , and Google News The post Something Big Will Hit XRP Ledger On May 27. Here’s How to Prepare appeared first on Times Tabloid .
26 May 2026, 12:54
Sony Stock Skyrockets on XRP PlayStation Integration Rumors

Sony Stock Swings on XRP Rumor Before Denial Reignites Focus on Gaming Payments Narrative Sony Group stock, TSE:6758, briefly became the focus of a fast-moving market narrative after online speculation suggested that PlayStation Network might integrate XRP for payments and rewards. The claim circulated widely across social media and crypto aggregators, but was never backed by any official evidence. Sony has since explicitly denied any plans to incorporate cryptocurrency into its gaming ecosystem. Even so, the rumor was enough to spark short-term market chatter. At its peak, the story tied Sony’s digital gaming business to XRP’s perceived role as a low-cost settlement network, drawing in speculative interest before quickly unwinding once the denial clarified the position. Realistically, it was a clear example of how quickly sentiment can shift in large-cap tech stocks when crypto narratives enter the mix. This episode sits against a mixed performance backdrop for Sony Group. The stock is up 12.16% over the past month, showing recent momentum, but remains down 11.79% year-to-date, reflecting earlier weakness. Over a longer horizon, performance is still solid, with a 3-year total shareholder return of 44.95% and a 5-year return of 80.60%, underscoring steady long-term value creation despite short-term volatility. Sony–XRP Rumor Shows How Fast Gaming and Crypto Narratives Can Move Markets—Before Reality Catches Up What made the speculation gain traction so quickly was the broader convergence of gaming and digital payments. PlayStation operates in a highly digital environment driven by subscriptions, in-game purchases, and microtransactions. In this context, any suggestion of faster, cheaper, or more efficient payment rails tends to attract attention, even when the claims are unverified. XRP, meanwhile, is often positioned in market discourse as a settlement-focused digital asset designed for high-throughput and cross-border transactions. This framing naturally places it in recurring discussions about whether blockchain infrastructure could eventually interface with mainstream consumer platforms, including gaming ecosystems. What’s one of the key takeaways? Well, the Sony–XRP episode reveals less about corporate strategy and more about how modern markets absorb and amplify narratives. In today’s environment, where gaming, fintech, and crypto increasingly overlap in investor imagination, even unverified claims can briefly move sentiment before fundamentals reassert themselves. Presently, there is no confirmed plan for PlayStation Network to adopt XRP or any cryptocurrency for payments or rewards, leaving the story as another example of how quickly speculation can travel through interconnected tech and digital asset markets.
26 May 2026, 12:41
Is IronWallet Legit? A 2026 Look at Security, Custody, and User Trust

IronWallet is a non-custodial multi-chain wallet with no KYC, 10,000+ supported assets, gasless stablecoin transfers, and WalletConnect Pay integration. It has grown into an application with more than 3 million users by 2026. New-user searches center on whether IronWallet is legit and what evidence backs the answer. Sections below cover what verifies the wallet's legitimacy, what custody and privacy architecture protects users, and what concerns are worth weighing honestly. Custody Model: Non-Custodial Architecture Verified IronWallet security rests on a strictly non-custodial design. IronWallet's non-custodial architecture means private keys and the 12-word seed phrase are generated and stored locally on the user's device, not on external servers. This architecture removes the single point of failure that affects custodial wallets and centralized exchanges. Key custody details that verify the non-custodial model: Local key storage: Private keys are generated on the device and never leave it. Server-side breaches cannot expose them Zero platform access: The company behind this platform has no ability to freeze accounts, move assets, or recover passwords on a user's behalf No account model: There is no IronWallet "account" to compromise, just a device-stored wallet under the user's control Seed phrase ownership: The 12-word IronWallet seed phrase is the sole recovery mechanism, and only the user possesses it This is the same custody model used by Trust Wallet, MetaMask, and most established non-custodial wallets. Privacy and Data Posture IronWallet's privacy posture is built around a "privacy by design" architecture that goes further than what most non-custodial wallets implement. Users do not provide a name, email address, phone number, or government ID to use the wallet. Google Analytics and Apple Store analytics are explicitly blocked in the privacy policy , going further than wallets that still collect telemetry through third-party SDKs. Operations and privacy policies are governed by Liechtenstein law and fully implement the EU's GDPR data protection regulations, which means the wallet's data handling is bound by the strict EU privacy framework. Automatically generated log data (IP addresses, device types, operating systems) is protected using industry-standard security measures and is not linked to personal identity, so technical telemetry cannot be reverse-engineered into a user profile. A "no email" architecture has practical consequences worth understanding before signing up: there is no recovery email, no two-factor authentication tied to a phone, and no way to identify the wallet holder externally. Device-Level Security Layers Above the non-custodial architecture, IronWallet adds local device protection layers that improve everyday security: PIN code lock: A custom PIN locks the application locally, preventing access if the device is unlocked but unattended Biometric authentication: Face ID and fingerprint scanning protect application entry on supported devices End-to-end encrypted Web3 connections: When connecting to external dApps through WalletConnect, communication between the wallet and the dApp is end-to-end encrypted Local private key signing: Even when interacting with external smart contracts, encrypted messages route through decentralized nodes, and private keys never leave the device These layers do not replace seed phrase responsibility, but they reduce the risk profile for everyday use. Third-Party Validation Signals A credible non-custodial wallet security assessment surfaces external validation, not just internal claims. IronWallet has several verifiable signals: App Store presence: Listed on the official Apple App Store with verified developer status and consistent 4+ star user ratings Google Play Store presence: Listed on Google Play with verified developer status and 4+ star ratings WalletConnect Pay integration: Confirmed as a partner in the live WalletConnect Pay rollout that began in January 2026 across 120+ countries through the Ingenico payment terminal network Trustpilot listing: Active company profile on Trustpilot with public user reviews Liechtenstein corporate registration: INWAY AG is a registered legal entity, not an anonymous offshore company The WalletConnect Pay partnership is the strongest institutional signal. Inclusion in that ecosystem required compatibility verification with the WalletConnect protocol and meant Ingenico's compliance review approved IronWallet alongside other major non-custodial wallets. External Connections: How WalletConnect Routes Stay Encrypted A wallet's security extends past its own application. Once a non-custodial wallet connects to a decentralized application, the security model expands to include how that connection routes. IronWallet addresses this through several specific architectural choices. End-to-End Encrypted Web3 Routing When IronWallet connects to external dApps through its built-in WalletConnect feature, all communication between the wallet and the dApp is end-to-end encrypted. The encryption protects the connection from intermediary observation across network infrastructure. Private Keys Never Leave the Device Even when the user interacts with external smart contracts (signing a Uniswap swap, approving a token contract, confirming a marketplace transaction), encrypted messages route through a decentralized network of nodes. The private key signs the transaction locally on the device and only the signed transaction propagates outward. No Central Relay Server Standard WalletConnect protocol design uses decentralized relays, not a single proprietary server that could become a compromise vector. This means no single point of interception exists in the wallet-to-dApp communication path. Session-Level Permissions Each WalletConnect session operates with explicit user-approved permissions. The wallet does not grant blanket access to a dApp after first connection; each new transaction requires user confirmation on the device. These architectural choices matter because the highest-risk moments for non-custodial wallet users are dApp interactions, where signature requests can carry hidden contract behaviors. End-to-end encryption combined with local signing reduces the attack surface compared to wallets that route through proprietary servers. The Verdict The IronWallet trust picture comes together through verifiable signals: Liechtenstein corporate registration, App Store and Play Store presence with 4+ ratings, 3M+ user base, WalletConnect Pay institutional partnership, GDPR-compliant privacy policy, and verified non-custodial architecture. On the central question, whether IronWallet is legit or a scam, the evidence supports the legit answer clearly. The honest tradeoffs are real but standard: no platform recovery if the seed phrase is lost, smaller institutional footprint than the largest competitors, mobile-only design. Users who weigh these tradeoffs against the wallet's verified custody architecture, privacy posture, and encrypted external routing can make an informed security decision. FAQ Is IronWallet a safe crypto wallet to use? IronWallet uses a non-custodial architecture with local private key storage, end-to-end encrypted Web3 connections, and biometric/PIN device-level locks. The wallet is GDPR-compliant under Liechtenstein law and has no KYC requirements. The safety profile matches established non-custodial standards with privacy enhancements that go further than most competitors offer. Is IronWallet legit or a scam? IronWallet is legit. The wallet is operated by INWAY AG, a registered Liechtenstein company, has been active since 2017, and has accumulated 3M+ users with consistent 4+ App Store and Play Store ratings. The wallet is also an official partner in the WalletConnect Pay infrastructure rollout. None of these signals are consistent with a scam profile. Who owns IronWallet and where is it registered? IronWallet is developed and operated by INWAY AG, a company registered in Liechtenstein. Liechtenstein operates under the Blockchain Act (TVTG), an established European crypto regulatory framework. This places IronWallet within a recognized regulatory environment, not an offshore jurisdiction. What happens if I lose my IronWallet seed phrase? A 12-word seed phrase is the sole recovery mechanism for a non-custodial wallet. Losing it means losing access to the funds permanently. INWAY AG cannot recover the seed phrase or the funds. This is standard for non-custodial wallets and is the security tradeoff for full user control over the keys. Does IronWallet collect personal data? IronWallet does not require a name, email address, phone number, or government ID to use. The wallet automatically generates technical log data (IP address, device type, OS) for app optimization purposes, protected under GDPR compliance. Google Analytics and Apple Store analytics are explicitly blocked in the privacy policy. Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
26 May 2026, 12:20
StablR Halts USDR and EURR Services Following $13.5 Million Exploit

BitcoinWorld StablR Halts USDR and EURR Services Following $13.5 Million Exploit European stablecoin issuer StablR has suspended issuance and redemption services for its USDR and EURR tokens following a security breach that led to the unauthorized minting of approximately $13.5 million in uncollateralized tokens. The incident, which occurred yesterday, has raised fresh concerns about the security of multi-signature wallet configurations in the rapidly evolving stablecoin market. The Exploit and Immediate Aftermath According to on-chain analyst ZachXBT and blockchain security firm GoPlus, the attacker exploited a vulnerability in StablR’s 1-of-3 multisig setup. By gaining administrative privileges through a single compromised key, the attacker was able to mint approximately 8.35 million USDR and 4.5 million EURR without proper collateral backing. The exploit caused an immediate and severe market reaction. Both USDR and EURR depegged from their intended 1:1 value by as much as 50%. At the time of reporting, EURR was trading at approximately $0.548, well below its parity target. The depegging highlights the fragility of stablecoin mechanisms when the underlying collateral or minting controls are compromised. Regulatory and Market Implications StablR has publicly acknowledged that its token reserves no longer meet the 1:1 collateral ratio required under the European Union’s Markets in Crypto-Assets (MiCA) regulation. The company has formally requested that exchanges halt trading and suspend deposits and withdrawals for both affected tokens. This situation serves as a critical test case for MiCA’s enforcement mechanisms, as regulators now face the challenge of overseeing a post-exploit recovery while protecting consumer interests. The incident also underscores a broader vulnerability in the crypto industry: the reliance on multi-signature wallets for critical administrative functions. While multisig setups are generally considered more secure than single-key systems, the 1-of-3 configuration—where only one key is needed to authorize transactions—offers minimal protection against a single point of failure. Security experts have long warned that such configurations are dangerously centralized in practice. What This Means for Stablecoin Users For holders of USDR and EURR, the immediate concern is the potential for significant financial loss. The depegging has already resulted in a 50% reduction in value for those unable to exit their positions before trading was suspended. Furthermore, the suspension of redemption services means that even at the depegged price, liquidity is effectively frozen. This event serves as a reminder that stablecoins are only as reliable as the security infrastructure supporting them. Users should scrutinize the custody and administrative control mechanisms of any stablecoin they hold, particularly those with non-standard multisig configurations. The incident may accelerate calls for stricter security audits and mandatory insurance coverage for stablecoin issuers operating under regulatory frameworks like MiCA. Conclusion The StablR hack is a significant event in the European crypto landscape, exposing critical weaknesses in stablecoin operational security and regulatory compliance. As investigations continue and recovery efforts unfold, the industry will be watching closely to see how MiCA responds to this first major test. For now, the priority for StablR is to secure its systems, assess the full extent of the damage, and work with regulators and exchanges to chart a path forward for affected token holders. FAQs Q1: How did the StablR hack happen? A1: The attacker exploited a 1-of-3 multisig vulnerability, meaning only one of three authorized keys was needed to gain administrative control. This allowed the attacker to mint uncollateralized tokens. Q2: What is the current status of USDR and EURR tokens? A2: Both tokens have depegged by approximately 50%. StablR has suspended issuance and redemption services and has asked exchanges to halt trading and suspend deposits and withdrawals. Q3: Does this affect StablR’s compliance with MiCA regulations? A3: Yes. StablR has stated that its token reserves no longer meet the 1:1 collateral ratio required under MiCA. The company is working with regulators to address the situation. This post StablR Halts USDR and EURR Services Following $13.5 Million Exploit first appeared on BitcoinWorld .











































