News
3 Jun 2026, 14:33
Zcash fixes Orchard bug after emergency network upgrade

Zcash Open Development Lab said the network briefly became unstable as miners upgraded, while the Zcash Foundation said there was no evidence of an exploit.
3 Jun 2026, 14:10
Aave Says Operations Back to Normal as $300M Backstop Replaces Drained Assets

Decentralized finance protocol Aave recently revealed that it has fully restored liquidity to its lending pools following a $300 million cross-chain exploit. The Anatomy of the Exploit Decentralized finance ( DeFi) pioneer Aave has successfully restored full liquidity to its lending pools, capping off an aggressive multi-week stabilization effort following a $300 million cross-chain exploit
3 Jun 2026, 13:00
Ledger Audit Uncovers Trezor Chip Flaw, Funds Stay Safe

Researchers found that a laboratory-based laser fault injection attack could extract certain chip secrets and bypass firmware signature checks. Trezor stated that the flaw affects only one of three independent security layers in the Safe 7 and does not provide access to user PINs, wallets, or funds. Trezor Discloses Hardware Wallet Vulnerability Hardware wallet manufacturer Trezor and semiconductor company Tropic Square disclosed a security vulnerability affecting the TROPIC01 Secure Element chip used in the Trezor Safe 7 hardware wallet. Despite the discovery, both companies made it clear that user funds remain secure and that no action is required from customers. The vulnerability was identified during an independent security audit conducted by Ledger Donjon, the white-hat research division of rival hardware wallet maker Ledger. As part of the review, Tropic Square provided the TROPIC01 chip to Ledger Donjon for testing. The research uncovered a flaw that could be exploited through a sophisticated laser fault injection attack performed under laboratory conditions. According to the disclosure , Ledger Donjon informed Tropic Square of its findings in January of 2026. Researchers demonstrated that the attack could extract certain secrets from the chip and bypass firmware signature verification mechanisms. Tropic Square later discovered an additional method that leveraged the same underlying weakness, potentially exposing another secret linked to PIN-related functions within the chip. Trezor explained that the flaw impacts only one of the three independent security layers incorporated into the Trezor Safe 7. The company explained that compromising the TROPIC01 chip alone is not sufficient to gain access to a user's PIN, cryptocurrency wallet, or digital assets. Trezor CEO Matej Žák stated that the Safe 7 was specifically designed with multiple independent security mechanisms to prevent a single point of failure from jeopardizing customer funds. The wallet combines the TROPIC01 Secure Element with an OPTIGA Trust M chip and an STM32U5 microcontroller, which creates a layered security architecture responsible for device authentication, PIN verification, and wallet generation. Trezor Safe 7 (Source: Trezor) Because the issue originates at the hardware level, it cannot be resolved through a standard firmware update. Nevertheless, Trezor and Tropic Square chose to publicly disclose the vulnerability after a review of Ledger Donjon’s findings. Ledger Donjon previously examined Trezor devices and published research on potential physical attack vectors. Earlier reports pointed out concerns surrounding hardware wallet security, including vulnerabilities related to microcontrollers and other chip-level components.
3 Jun 2026, 13:00
Sanctioned Russian stablecoin processed $110b and captured 43% of non-USD market in under a year, reports Skynet

A new threat intelligence report from Skynet, shared with Finbold on June 3, 2026, has identified two converging risks reshaping the stablecoin security landscape in 2026: a surge in sophisticated attacks on cross-chain bridge and custody infrastructure, and the rapid expansion of A7A5, a Russian-ruble-backed stablecoin built by sanctioned actors to circumvent Western enforcement. Bridge attacks and wallet compromise account for majority of 2026 DeFi losses Cross-chain bridges remain the highest-value attack surface in the stablecoin ecosystem. Bridge-related incidents in 2026 have so far totaled over $328 million in losses, with the Kelp DAO wallet compromise alone accounting for $291.3 million in April. In fact, wallet compromise has overtaken code vulnerabilities as the dominant exploit vector across major DeFi incidents. Bridge Losses vs Incidents in 2026 . Source Skynet The report identifies five expanding attack categories: cross-chain bridge and interoperability protocols, custody and treasury infrastructure, composability risk within DeFi integrations, payment-focused and stablecoin-specific chains, and compliance and identity infrastructure. The last category marks a notable shift, with attackers increasingly targeting KYC providers, payment APIs, and sanctions screening systems in patterns that more closely resemble traditional financial crime than earlier crypto exploits. Among the 20 largest DeFi incidents of 2026, Drift Protocol on Solana recorded $285.3 million in losses from a wallet compromise on April 1, while Step Finance and Resolv each suffered wallet compromise losses exceeding $26 million. Other major incidents included price manipulation exploits against Rhea Finance ($18.5 million) and YieldBlox ($10.6 million), alongside code vulnerability exploits at Swapnet ($13.3 million), Verus ($11.5 million), and Thorchain ($10.1 million) across multiple chains. A7A5 processes $110b in transactions and captures 43% of non-USD stablecoin market despite sanctions A7A5 is a Russian-ruble-backed stablecoin launched in January 2025 by Old Vector LLC, a Kyrgyz entity acting on behalf of Russian cross-border settlement firm A7 LLC. A7 LLC is co-owned by sanctioned Moldovan-Russian oligarch Ilan Shor, convicted in connection with the theft of approximately $1 billion from three Moldovan banks in 2014, and Promsvyazbank, a Russian state-owned bank serving the defence-industrial complex. Within a year of launch, A7A5 processed more than $110 billion in cumulative on-chain transactions and captured approximately 43% of the global non-USD stablecoin market. A7A5 Cumulative Activity . Source Skynet The stablecoin emerged as a direct institutional response to Western sanctions pressure, following Tether’s freeze of approximately $26 to $28 million in USDT held by sanctioned exchange Garantex in March 2025. Its issuer, collateral bank, and transaction platform are all under overlapping US, UK, and EU sanctions designations, with no independent reserve attestation published. The report documents a volume spike of approximately 102.7 billion tokens on May 14, 2026, exactly ten days before the EU’s 20th sanctions package crypto provisions entered into force. Additionally, the report suggests a plausible reading is that commercial actors were clearing cross-border positions ahead of the deadline. Despite coordinated multi-jurisdictional enforcement, including the EU’s 19th sanctions package naming A7A5 as the first cryptocurrency ever placed under an explicit transaction ban, holder counts grew continuously from approximately 13,000 to 29,000 between February 2025 and May 2026, with no observable inflection at any sanctions event. Finally, the report flags the African expansion as the most urgent unresolved risk. Russia has established A7 offices in Nigeria and Zimbabwe, with Togo potentially next, and PSB Deputy Chairman Dorofeev visited Madagascar in January 2026 for discussions with its new military government. No African jurisdiction has been formally engaged by OFAC, HM Treasury, or the EU on A7A5-related exposure, creating potential secondary sanctions risk for Western-aligned correspondent banks operating in those markets. The primary A7A5 trading venue, Grinex, was hacked for approximately $15 million in April 2026 and suspended operations, leaving the ecosystem without a comparable alternative at scale. Regulatory Response . Source Skynet Featured image via Shutterstock. The post Sanctioned Russian stablecoin processed $110b and captured 43% of non-USD market in under a year, reports Skynet appeared first on Finbold .
3 Jun 2026, 12:52
BNB Chain, CoinMarketCap, and Trust Wallet Launch $36,000 BNB HACK: AI Trading Agent Edition

3 Jun 2026, 12:42
Trezor Reveals Hardware Wallet Vulnerability, But Funds 'Safe'

The vulnerability in Trezor's TROPIC01 Secure Element chip was uncovered by an audit carried out by the Ledger Donjon team.








































