News
4 Jun 2026, 01:35
Tessera (TSR) Crashes 99% on BNB Chain After $2.5 Million Exploit and Tornado Cash Laundering

BitcoinWorld Tessera (TSR) Crashes 99% on BNB Chain After $2.5 Million Exploit and Tornado Cash Laundering The price of Tessera (TSR) on the BNB Chain has collapsed by approximately 99% following a security exploit that allowed an attacker to mint 99 million tokens illicitly. The incident, first flagged by blockchain security firm PeckShield, has sent shockwaves through the decentralized finance (DeFi) community and raised fresh concerns about smart contract vulnerabilities. How the Exploit Unfolded According to PeckShield’s analysis, the attacker exploited a vulnerability in Tessera’s smart contract to mint 99 million TSR tokens. These tokens were then rapidly sold off on decentralized exchanges, causing the price to plummet. The attacker swapped the proceeds for approximately 2.5 million USDT, a stablecoin, before bridging the funds to the Ethereum network. From there, the funds were laundered through Tornado Cash, a privacy mixer that obscures transaction trails. Immediate Market Impact The sudden sell-off wiped out nearly all of TSR’s market value, leaving holders with virtually worthless tokens. The incident highlights the persistent risks associated with unaudited or poorly secured smart contracts on BNB Chain, which has become a frequent target for similar exploits. Trading volume for TSR spiked during the attack but has since collapsed alongside the price. Why This Matters for DeFi Users This exploit is a stark reminder that tokens with low liquidity and unaudited code are highly susceptible to manipulation. The use of Tornado Cash to launder the stolen funds also underscores the ongoing challenge regulators and exchanges face in tracing illicit crypto flows. For investors, the incident reinforces the importance of due diligence, including verifying whether a project has undergone professional smart contract audits. Conclusion The Tessera exploit is the latest in a string of attacks targeting BNB Chain projects. While the stolen funds have been moved to Ethereum and partially obfuscated, blockchain forensic firms continue to track the wallets involved. The incident serves as a cautionary tale about the risks of investing in unaudited tokens and the speed at which liquidity can evaporate in DeFi markets. FAQs Q1: What caused the Tessera (TSR) price crash? The crash was caused by an attacker exploiting a smart contract vulnerability to mint 99 million TSR tokens, which were then sold on decentralized exchanges. Q2: How much money did the attacker steal? The attacker converted the minted tokens into approximately 2.5 million USDT, which was then bridged to Ethereum and laundered through Tornado Cash. Q3: Is there any way to recover the stolen funds? Recovery is highly unlikely. The funds were moved through Tornado Cash, which makes tracing and recovery extremely difficult. Affected investors should monitor official project channels for any announcements, but no compensation is guaranteed. This post Tessera (TSR) Crashes 99% on BNB Chain After $2.5 Million Exploit and Tornado Cash Laundering first appeared on BitcoinWorld .
3 Jun 2026, 18:50
Ledger finds vulnerability in older model of Trezor crypto wallet

Trezor and the chip maker Tropic Square have disclosed a hardware vulnerability in the TROPIC01 secure element chip used in the Trezor Safe 7 wallet. The vulnerability was found during an independent audit by rival Ledger’s security research team, Donjon. So far, Trezor claims that user funds and private keys were not compromised. What did Ledger’s audit of Trezor reveal? Researchers from Ledger’s Donjon team, the security division of Trezor’s direct competitor, found a flaw in the TROPIC01 secure element chip during an audit. This chip is made by Tropic Square , Trezor’s sister company, and is billed as the first secure element chip with publicly available hardware design and firmware source code. The researchers used a high-tech method called laser fault injection. The researchers physically opened the chip package and then shot a precise infrared laser at the silicon to mess with the signature verification process. This allowed them to run their own unauthorized code on that specific chip. Tropic Square provided commercial chip samples to Donjon for evaluation, and the team reported the flaw in late January 2026. After receiving Donjon’s findings, Tropic Square’s own engineers found a related attack path that could extract an additional secret tied to the chip’s PIN protection functions. What can Tropic Square or Trezor do to secure users more? Due to the vulnerability being at the hardware level, it cannot be patched through a software update for existing Safe 7 devices, Trezor confirmed . Tropic Square said it is already producing a new chip batch that addresses the flaw, but users do not need to take any action. The company stressed that the Safe 7 uses three independent physical security layers, and the TROPIC01 chip is only one of them. Private keys and wallet backups are not stored on the affected chip. Exploiting the vulnerability also requires physical possession of the device, disassembly, backside decapsulation of the chip package, and access to specialized laser fault injection equipment. Blockchain security firm Cyvers said that the attack appears “highly impractical” for real-world use. “Hardware wallet security should not be evaluated only by whether a chip can eventually be attacked in a lab,” Cyvers CEO Deddy Lavid said. In his view, phishing , seed phrase theft, and blind-signing are far larger threats for most users. Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free .
3 Jun 2026, 18:04
Zcash Price Rallied Over 10% as Orchard Bug Fix Restored Network

Zcash price rallied over 10% after the Zcash Foundation released emergency Zebra upgrades to fix a critical Orchard bug and restore full network functions. The move came after developers confirmed a soundness vulnerability in the Orchard zero-knowledge proof circuit, prompting a fast security response across the ecosystem. The Foundation released Zebra 4.5.3 and Zebra 5.0.0 to address the issue. Zebra 4.5.3 introduced an emergency soft fork that temporarily disabled Orchard actions, while Zebra 5.0.0 activated NU6.2 and re-enabled Orchard with the corrected circuit. Orchard Bug Fix Drives Zcash Price Rally ZEC gained strong market attention after the Foundation confirmed that the Orchard bug fix had gone live. The token rose more than 10%, even as the broader crypto market remained under pressure. The rally reflected renewed market confidence after developers restored the Orchard pool. According to the Foundation, node operators should upgrade to Zebra 5.0.0 as soon as possible. Operators unable to move to version 5.0.0 before the NU6.2 activation height were urged to use Zebra 4.5.3 to remain on the correct chain during the upgrade window. Additionally, rising interest in digital privacy is beginning to align with Zcash’s recent market performance. A chart shared by Will McEvoy compares Google Trends data for the term “privacy” with ZEC price action on a logarithmic scale and shows both moving sharply higher into 2026. Zcash Chart | Source: X The data suggests that public attention around privacy has climbed to its highest level in the chart period, while ZEC has also advanced toward the upper end of its recent range. That parallel move adds another layer to Zcash’s rally, with market participants increasingly linking the token’s strength to broader demand for privacy-focused tools and assets Critical Bug Found in Orchard Circuit The vulnerability was found on Friday, May 29, by independent security researcher Taylor Hornby during a protocol audit supported by Shielded Labs. Hornby disclosed the issue to ZODL core engineers, who confirmed the flaw within hours and began preparing a fix. The bug affected the implementation of the Orchard zero-knowledge proof circuit in the halo2_gadgets crate. In simple terms, a soundness bug can allow a system to accept an invalid transaction or state change. In this case, exploitation could have allowed double-spending within Orchard, although Zcash’s turnstile mechanism protected the total ZEC supply. Emergency Soft Fork Protected the Network Private coordination with miners and exchanges began on Sunday, May 31. After an early activation attempt faced deployment issues, engineers released another patch targeting block height 3,363,426. That soft fork activated at about 02:00 UTC on June 2. Zebra 4.5.3 temporarily rejected blocks and transactions containing Orchard actions. This step gave developers time to complete the full circuit fix while limiting public details about the vulnerability. Notably, Sapling and transparent transactions continued to operate during the incident. NU6.2 activated on Wednesday, June 3, at 00:05 EDT. The hard-fork upgrade re-enabled Orchard actions using the corrected circuit and updated the required verifying key. A hard fork was needed as the proof circuit change could not be handled through a normal software patch alone. Zebra 5.0.0 activates NU6.2 at Mainnet block height 3,364,600 and Testnet block height 4,052,000. The upgrade also adds consensus rules that reject Orchard bundles with non-canonical proof sizes from the activation height, closing the vulnerability addressed by the earlier soft fork. No Evidence of Unauthorized ZEC Creation The Zcash Foundation said the vulnerability was fixed before any known exploitation occurred. It also stated that there was no evidence of unauthorized value creation, while Zcash’s turnstile mechanism confirmed that the total supply remained intact throughout the incident. User privacy was not affected during the response. The Foundation also credited Taylor Hornby, Shielded Labs, ZODL engineers, Zebra contributors, miners, node operators, exchanges, wallet providers, and infrastructure teams for supporting the coordinated upgrade that restored Orchard operations.
3 Jun 2026, 17:58
edgeX pledges refunds to EDGE holders after 70% token crash, denies role in collapse

Following the crash of its EDGE token, decentralized derivatives exchange edgeX, has shared an update stating that it will compensate users affected by the 70% crash. The exchange debunked the allegations that the crash came as a result of insider manipulation, maintaining that the price collapse resulted from external actors. edgeX posted what appears to be a refund commitment on X on June 3, following two earlier statements in which it blamed “deliberate” market-price manipulation by external actors for the sell-off, according to the project’s official account. However, blockchain investigator ZachXBT did not buy the exchange’s explanation, stating that concentrated insider ownership and a thin float better explain the collapse. What happened to EDGE? EDGE dropped from roughly $1.14 to a low of $0.366 during the June 1 session, a peak-to-trough decline of about 70%, according to CoinMarketCap data. edgeX’s own account of the timeline puts the sharpest move in the early hours of June 2 UTC, with EDGE falling from around $1.12 to approximately $0.32 within a single hour before stabilizing between $0.63 and $0.71. The crash triggered more than $2.81 million in liquidations within that window, with long positions accounting for $1.96 million and shorts roughly $849,000, per Cryptopolitan’s earlier reporting. As of June 3, EDGE was trading near $0.69 with a market capitalization of about $242 million and a circulating supply of 350 million tokens out of a 1 billion maximum, according to CoinMarketCap. What is edgeX’s response? In the early hours of June 2, edgeX ruled out any hack, exploit, or security breach while attributing the sell-off to deliberate manipulation by outside participants. edgeX also addressed community concerns about a smart contract address that users had flagged as suspicious, stating that it belonged to the exchange and was used solely for user deposits and withdrawals. On June 3, the exchange followed up with a refund announcement for affected users, calling it a goodwill payment that matches their actual losses. It stated that eligible users will receive the refund seven days after verification. However, it added that the refund is capped at a maximum of 100,000 USDC per individual user. What was ZachXBT and the community’s reaction to the initial token crash? ZachXBT responded to edgeX’s explanation on X by stating that “EDGE supply was being controlled by a few insiders with a low float,” and called on the project to name “the counterparties / MM agreements which lead to these events.” ZachXBT has a track record of flagging similar collapses. In April, ZachXBT investigated the RAVE token, where addresses linked to the initial distribution controlled around 95% of the supply before a crash exceeding 95% from peak. He connected that playbook to several other tokens, including RIVER, SIREN, MYX, and SKYAI. Analytics firm BubbleMaps also flagged SIREN’s concentrated ownership weeks before its market cap fell from $1.52 billion to $320 million. Community sentiment on edgeX’s posts was far from welcoming, with the initial post getting responses from users, with many accusing the team of involvement in the crash. edgeX has promised to share its core conclusions from the incident. ZachXBT has made clear he expects it to include names of counterparties and market-maker agreements, while EDGE holders and traders who took losses in the crash will be watching both the report and the refund mechanics closely. Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free .
3 Jun 2026, 16:55
Why Zcash (ZEC) Network Looked Offline for Hours – But Wasn’t

For a few hours on Wednesday Asia time, the Zcash blockchain appeared to have stopped producing new blocks, raising concerns that the network may be experiencing downtime. However, several observers clarified that the issue was not with the blockchain itself but with block explorers, which were failing to update correctly. Zcash Outage Scare Earlier in the day, block explorers showed no new blocks after block 3,364,603, recorded at 5:28 a.m. UTC, for more than four hours, fueling speculation that the chain had gone offline. Directly addressing confusion, Helius CEO Mert Mumtaz stated that reports of a network outage were incorrect. He explained that the network was fully functional and that the apparent disruption was caused by some block explorer applications being connected to a faulty node, which led to incorrect displays of chain activity. As a result, users saw no new blocks being reported, even though the chain continued operating normally in the background. The misleading appearance of inactivity followed a coordinated network upgrade within the Zcash ecosystem that had been carried out to address a vulnerability affecting Orchard, Zcash’s latest shielded pool. According to a statement from the Zcash Open Development Lab (ZODL), the upgrade was initiated on the evening of Monday, June 1, in response to an issue identified in Orchard. Developers, infrastructure operators, miners, exchanges, and other independent participants worked together to temporarily suspend Orchard-related transactions while a protocol upgrade was implemented. The process occurred in two stages through network-wide consensus. First, a soft fork was activated to temporarily disable Orchard by preventing both new Orchard outputs and spending from existing Orchard funds, helping limit exposure of sensitive technical details. This was followed by a hard fork to fully remediate the vulnerability and restore Orchard functionality, which required updates to the zero-knowledge proof circuit. Once the upgrade was completed, Orchard transactions were re-enabled. ZODL stated there is no evidence the vulnerability was exploited, no unauthorized creation of value, and no impact to the total ZEC supply. User funds remained safe throughout the process, and the issue did not affect Sapling or transparent transactions. The vulnerability was discovered through security audits by Zcash researcher Taylor Hornby, and the remediation effort was coordinated by ZODL alongside the Zcash Foundation and other ecosystem participants. ZEC Momentum Strengthens Zcash’s native token ZEC has moved against the broader market trend as it continued posting strong gains over the past month. The privacy-focused asset has climbed nearly 45% in that period and is currently trading near $599 after rising another 4% in the past 24 hours. According to crypto analyst Ali Martinez, the TD Sequential indicator on the 12-hour chart recently flashed a buy signal for ZEC, which means that the upward momentum could continue. As long as the token holds above the $500 level, a potential move toward $642 remains in play. Santiment identified ZEC as the most dominant topic across crypto social media, with seven repeated spikes in social dominance and a peak score of 10.02 recorded on May 20. The post Why Zcash (ZEC) Network Looked Offline for Hours – But Wasn’t appeared first on CryptoPotato .
3 Jun 2026, 15:05
Zcash Completes 'Most Ambitious' Network Upgrade as ZEC Resumes Recent Surge

A Zcash vulnerability could have allowed double-spending within the network's flagship privacy pool, though no exploitation occurred.








































