News
27 May 2026, 10:00
OpenZeppelin Co-Founder Warns That “All of DeFi” Is Unsafe

His comments came after nearly $630 million was stolen from DeFi protocols in April alone. Major incidents included a $285 million Drift exploit and a $293 million Kelp DAO attack, both reportedly linked to North Korean hacking groups. DefiLlama recorded 27 DeFi exploit incidents in April. The trend continued into May with 25 additional exploit cases.

DeFi Security Fears Grow

Concerns around decentralized finance (DeFi) security intensified this week after OpenZeppelin co-founder Manuel Aráoz declared that he now considers “all of DeFi” unsafe. In a post shared on X on Tuesday, Aráoz revealed that he personally advised friends and family to exit all DeFi positions, including investments in major “blue chip” protocols like Aave, MakerDAO, and Compound.

Aráoz argued that the balance between attackers and defenders in the DeFi industry has become uneven, especially with the rise of AI-powered coding agents that can discover vulnerabilities in smart contracts. According to him, defenders are forced to secure every possible weakness in a protocol, while attackers only need to identify a single flaw to drain millions of dollars.

Almost $630 million was stolen from DeFi protocols in April alone, which made it the worst month for DeFi-related hacks since the massive Bybit exploit in February of 2025, where attackers stole around $1.5 billion. April’s losses were driven largely by two major attacks. One of the biggest incidents involved a $285 million exploit targeting Drift, which was reportedly the result of a sophisticated six-month social engineering campaign. Another major attack struck Kelp DAO, where hackers exploited vulnerabilities tied to the project’s cross-chain bridge infrastructure and stole roughly $293 million.

Security researchers and blockchain analysts attributed both attacks to North Korean state-backed hacking groups, which have focused on the cryptocurrency industry as a source of illicit funding. According to DefiLlama data, there were 27 separate DeFi exploit incidents recorded during April.

[Figure: Total value hacked by month (Source: DefiLlama)]

Investor confidence in decentralized finance also seems to be weakening due to security risks. Total value locked (TVL) across DeFi protocols dropped by approximately 14% since mid-April, falling from around $172 billion to roughly $148 billion. The decline suggests that some users may already be withdrawing funds from decentralized platforms because of growing fears over protocol safety.

The trend continued into May, with another 25 DeFi exploit incidents already reported so far this month, although the financial losses have been smaller compared to April’s massive breaches. Among the incidents was an $11.6 million exploit involving Verus Network’s Ethereum bridge. Meanwhile, prediction market platform Polymarket recently confirmed a separate $573,200 security breach that may have stemmed from a compromised private key connected to an internal operational wallet.
27 May 2026, 09:27
Could AI agents expose DeFi’s next wave of hidden exploits?

Crypto social media has raised the issue of DeFi’s vulnerability to AI agents. The chief concern is that AI agents are much better at discovering exploit loops, thus putting even solid and large DeFi protocols in danger.

According to Manuel Aráoz, all of DeFi is more vulnerable to exploits, mostly due to the use of AI analysis. Aráoz, who is the founder of OpenZeppelin, warned that AI is a constant threat to decentralized projects.

PSA: I now consider *all* of DeFi unsafe. Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric: defenders need to fix every bug while attackers need just one exploit to steal funds. — Manuel Aráoz (@maraoz) May 26, 2026

He has warned against using even the most established DeFi protocols like Aave, Sky Protocol, and Compound. For now, some investors consider those protocols reasonably safe, but there are still warnings on setting up timelocks and avoiding permissionless operations.

The warning arrives after crypto hacks reached record levels in April and started to undermine trust in smaller DeFi protocols. However, blue-chip projects still host multiple vaults with their own risk levels. DeFi lost around $285M in attacks attributed to DPRK hackers, and another $437.4M from unidentified threat actors, according to Dune Analytics data. Most of the hacks in 2026 were linked to a bridge verification flaw, followed by social engineering.

Is AI creating a wave of hacks?

The warning that AI may exploit DeFi protocols is spreading on crypto social media. The chief fear is that multiple projects may still run vulnerable smart contracts, despite years of audits. However, according to other analysts, AI may not be that powerful in exploiting flawed contract logic. Instead, exploits always depend on a human element, such as errors in signing transactions or access to exposed private keys.

The recent exploits also showed some DeFi protocols had a centralized element that allowed threat actors to take control. The founder of SlowMist warned the recent attacks were a mix of logic hacking and social engineering. He called on DeFi teams to use AI themselves and simulate attacks and exploits, calling for at least one attack drill each quarter.

DeFi hacks slowed down again in May

After almost daily attacks in April, hacks slowed down in May, returning to a low baseline. In May to date, only around $44M was taken in various hacks, as only smaller protocols were attacked.

[Figure: In May, hacks against DeFi protocols returned to baseline, after the record of KelpDAO in April. Source: DefiLlama.]

In May, around 14 attacks were reported, of which the most serious one affected ThorChain. For now, lending protocols are still functioning, though open to the same exploits with flash loans and potential bridging risks.

DeFi suffered a hit from April’s exploits, in combination with weakening ETH prices. As a result, DeFi protocols now hold around $81B, down from over $98B in April. The current TVL levels only reflect nominal prices, and in fact more assets are locked in DeFi as a source of passive income. Aave, the leading protocol, still holds around $14B, not yet recovered from the withdrawals in April. As Cryptopolitan reported, the KelpDAO exploit was also a major blow to trust in DeFi.
27 May 2026, 08:06
LIVE – Crypto News, May 27: Noah Doe Lawsuit, Satoshi-Linked Wallet, Infamous Mt. Gox Hack, and $8 Million in Burned Bitcoin

In a bizarre crypto twist, pseudonymous plaintiff Noah Doe has filed a lawsuit in New York claiming ownership of 39,069 dormant Bitcoin wallets holding an estimated 3.7 million BTC. The filing references addresses allegedly tied to early miners, wallets from the Satoshi Nakamoto era, and even funds connected to the infamous Mt. Gox collapse.

According to the filing, Noah Doe claims the wallets qualify as abandoned property after he allegedly discovered a flaw that permanently locked their owners out. The plaintiff claims he first reported the issue to the NYPD and attempted to locate the original owners before pursuing legal action.

NY LAWSUIT SEEKS OWNERSHIP OF 39,069 DORMANT BITCOIN WALLETS A 901-page filing by “Noah Doe” and two Wyoming LLCs is asking a New York court to treat these dormant #BTC addresses as abandoned property. The list reportedly includes early miner wallets, an address linked to… pic.twitter.com/hJuIo9bdbd — Chad Sartin (@Chadsartin15) May 26, 2026

The case specifically targets long-dormant miner wallets and early-era Bitcoin addresses that have remained untouched for years. Still, the lawsuit faces a major obstacle, as courts cannot move Bitcoin without private keys, making the claim legally fascinating but technically almost impossible to enforce.

Even so, the case revives one of crypto’s oldest fears: dormant whales suddenly returning to the market. These cases also linked the discussion to growing concerns around quantum computing and the vulnerability of early Bitcoin cryptography. At its core, Bitcoin ownership remains cryptographic. So, even if Noah Doe somehow succeeds in court, the coins themselves would likely remain inaccessible forever.

Mt. Gox Ghosts Return to Haunt the Market: Noah Doe and Reality Check

The lawsuit has also reopened old wounds tied to Mt. Gox, after filings referenced wallets associated with the exchange’s historic collapse. For many long-time Bitcoin holders, the mention alone was enough to trigger memories of one of crypto’s darkest chapters. Particular attention has centered on the infamous “1Feex” address, widely associated with funds stolen during the Mt. Gox era.

This Mt. Gox connection has already fueled intense debate across crypto Twitter, with traders once again discussing the possibility of massive dormant BTC eventually re-entering circulation. But even though Mt. Gox was called the end of crypto and Bitcoin, we eventually recovered and are where we are now.

Bitcoin Supply Shock Meets AI Narrative Mania

At the same time, Bitcoin’s circulating supply recently tightened further after $8 million worth of BTC was apparently burned forever from five dormant wallets for unknown reasons. This has also raised questions in the community, especially while the market is bleeding. A whale giving up? Or a symbolic action that shows the owner’s trust in the crypto ecosystem? The community linked these wallets to Noah Doe, especially with the Mt. Gox connection.

Noah Doe — Captain (@CaptainBSV) May 25, 2026

JUST IN: According to AMLBot Over 100 bitcoin:native ($7.7M), linked to Mt. Gox receiving wallets were recently sent to a known Bitcoin burn address. One wallet that received 20 bitcoin:native had been gradually offloading to Kraken before burning its remaining 1.42 BTC… pic.twitter.com/0Msew7rsuh — SolanaFloor (@SolanaFloor) May 26, 2026

Elsewhere, AI-related crypto sectors continue attracting aggressive rallies. Decentralized AI projects, robotics tokens, and AI-powered trading infrastructure have all posted strong performances, with projects like NEAR and VVV riding the wave of the current speculative interest by posting double-digit gains in a short time frame.

Meanwhile, viral headlines on Ferrari EV expansion have also somehow made it into the crypto community. Some are just not happy with the pivot, but hey, so was crypto when it was first available to the masses. Web3 integration across traditional industries is one of the proofs that humanity is moving forward, or backward. Nevertheless, the idea of blockchain adoption is quietly spreading beyond crypto-native circles.

Luca Cordero di Montezemolo on the new Ferrari Luce: "If I said what I really think, I'd harm Ferrari. We're risking the destruction of a myth, I'm very sorry about that. I hope they at least remove the Prancing Horse from that car" pic.twitter.com/CdqD5mGFuN — La Gazzetta Ferrari (@GazzettaFerrari) May 26, 2026

In other news, according to Santiment trend data, Quant, Chainlink, and Stellar have recently dominated social chatter due to Robinhood-related listings, community controversies, and discussions of tokenized funds, helping sustain market engagement even as Bitcoin consolidates.

Taken together, the Noah Doe lawsuit, resurfacing Mt. Gox narratives, and fresh Bitcoin supply shocks are creating an exciting backdrop for the market. As dormant wallet speculation collides with accelerating AI narratives, people are increasingly betting that the next major move for Bitcoin could arrive sooner than expected. Sentiment is at rock bottom, and usually it does flip.

The post LIVE – Crypto News, May 27: Noah Doe Lawsuit, Satoshi-Linked Wallet, Infamous Mt. Gox Hack, and $8 Million in Burned Bitcoin appeared first on Cryptonews.
27 May 2026, 06:10
Gold Faces Headwinds as Geopolitical Risks and Fed Hawkishness Boost Dollar

Gold prices are showing signs of vulnerability as a combination of persistent geopolitical tensions and renewed expectations of further interest rate hikes from the Federal Reserve continue to strengthen the US dollar. The precious metal, traditionally viewed as a safe-haven asset, is finding itself caught between conflicting forces that are testing its recent price stability.

Dollar Strength Pressures Gold

The US dollar has been on a steady upward trajectory, buoyed by hawkish comments from Federal Reserve officials who have signaled that interest rates may need to remain higher for longer to combat stubborn inflation. A stronger dollar typically weighs on gold, as it makes the metal more expensive for buyers using other currencies. This dynamic has been a primary factor in capping gold’s upside potential in recent weeks.

Geopolitical Uncertainty Provides Mixed Signals

While geopolitical flashpoints — including ongoing conflicts in Eastern Europe and heightened tensions in the Middle East — have historically supported gold demand as a hedge against instability, the current market reaction has been more muted. Investors appear to be prioritizing the opportunity cost of holding non-yielding gold against rising interest rates, rather than rushing into safe-haven trades. This shift in sentiment suggests that the traditional geopolitical risk premium for gold may be diminishing in the current rate environment.

What This Means for Investors

For market participants, the current setup presents a complex picture. Gold bulls are hoping that a stabilization in the dollar or an unexpected escalation in geopolitical events could reignite buying interest. However, the prevailing macro environment — characterized by sticky inflation, resilient economic data, and a Fed that remains committed to tightening — suggests that headwinds for gold are likely to persist in the near term. Traders are closely watching upcoming US economic data releases and Fed speeches for further clues on the trajectory of monetary policy.

Conclusion

Gold’s vulnerability reflects a market caught between the opposing forces of geopolitical uncertainty and monetary policy tightening. While the metal retains its long-term appeal as a store of value, the short-term outlook remains challenged by a strong dollar and the prospect of higher-for-longer interest rates. Investors should monitor dollar index movements and Fed rhetoric closely for signs of a potential shift in the balance.

FAQs

Q1: Why does a stronger US dollar hurt gold prices?
Gold is priced in US dollars globally. When the dollar strengthens, it takes fewer dollars to buy the same amount of gold, pushing prices down. Additionally, a strong dollar makes gold more expensive for foreign buyers, reducing demand.

Q2: How do Federal Reserve rate hikes affect gold?
Higher interest rates increase the opportunity cost of holding gold, which pays no interest or yield. Investors may shift funds into interest-bearing assets like bonds, reducing demand for gold.

Q3: Can geopolitical tensions still push gold higher?
Yes, but the impact may be limited if the dollar continues to strengthen. Historically, major geopolitical shocks have boosted gold, but the current market is more focused on monetary policy dynamics.

This post Gold Faces Headwinds as Geopolitical Risks and Fed Hawkishness Boost Dollar first appeared on BitcoinWorld.
27 May 2026, 00:40
Resolv Foundation Outlines Recovery Plan Following $25M Protocol Exploit

The Resolv Foundation has officially released its recovery plan following a severe security breach that led to the infinite minting of approximately 80 million USR tokens, resulting in an estimated $25 million loss. The incident, first reported by Bitcoin World, has prompted the foundation to implement a tiered compensation strategy aimed at restoring trust among affected token holders.

Recovery Plan Details and Token Exchange Rates

Under the announced plan, holders of USR and wrapped staked USR (wstUSR) will be eligible for an exchange to USDC at a 1:1 ratio, provided their holdings are based on a pre-incident blockchain snapshot. This means users who held these tokens before the exploit can recover their full value in USDC, a stablecoin pegged to the U.S. dollar.

However, tokens acquired after the security incident will be subject to a different rate. The foundation stated that post-incident USR and wstUSR tokens will be exchanged at a 1:0.5 ratio, effectively halving the value for those who purchased or received the tokens after the breach. This distinction is designed to prevent profiteering from the exploit while protecting long-term holders.

Compensation for RLP Holders

Holders of Resolv Liquidity Provider (RLP) tokens will receive 0.71 USDC per token, reflecting the foundation’s assessment of the token’s value at the time of the incident. Additionally, RLP holders will be allocated extra RESOLV tokens valued at $0.03 each, intended to provide further compensation and align incentives with the protocol’s future development.

The foundation emphasized that these measures are part of a broader effort to stabilize the ecosystem and prevent further market disruption. The recovery plan is subject to community feedback and may be adjusted as the situation evolves.

Why This Matters to DeFi Users and Investors

The Resolv exploit highlights ongoing security risks in decentralized finance, where smart contract vulnerabilities can lead to significant financial losses. For users, the incident underscores the importance of understanding token exposure and the potential for post-exploit recovery mechanisms to differ based on timing of acquisition. The tiered compensation approach also sets a precedent for how protocols might handle similar situations in the future, balancing fairness to long-term supporters with the need to discourage speculative behavior after an exploit.

Market observers will be watching closely to see how the recovery plan affects confidence in Resolv’s ecosystem and whether other DeFi protocols adopt similar frameworks. The incident also raises questions about the adequacy of security audits and the role of insurance in protecting user funds.

Conclusion

The Resolv Foundation’s recovery plan represents a structured attempt to address the fallout from a major security incident, offering differentiated compensation based on pre- and post-exploit token holdings. While the plan aims to restore value for affected users, its success will depend on community acceptance and the protocol’s ability to rebuild trust. As investigations continue, the broader DeFi industry will likely draw lessons from both the exploit and the foundation’s response.

FAQs

Q1: What happened during the Resolv Labs hack?
The security breach allowed an attacker to mint approximately 80 million USR tokens infinitely, leading to a loss of around $25 million. The exploit targeted a vulnerability in the protocol’s smart contract.

Q2: How do I know if my tokens are eligible for the 1:1 exchange?
Eligibility is based on a pre-incident blockchain snapshot. If you held USR or wstUSR before the exploit, you can exchange them for USDC at a 1:1 ratio. Tokens acquired after the incident will be exchanged at 1:0.5.

Q3: What compensation will RLP token holders receive?
RLP holders will get 0.71 USDC per token, plus additional RESOLV tokens valued at $0.03 each. The foundation says this reflects the token’s value at the time of the incident and aims to provide fair compensation.

This post Resolv Foundation Outlines Recovery Plan Following $25M Protocol Exploit first appeared on BitcoinWorld.
26 May 2026, 23:45
Fake Uniswap Website Drains Crypto Wallets as Scammers Pocket $400K

A fake website impersonating Uniswap is draining funds from multiple crypto wallets. The prominent on-chain analyst, pseudonymously known as “b-block,” warned that the scammers currently control at least $400,000 in stolen assets. Users were urged to rely only on official links and verify protocols through DefiLlama.

Uniswap Tops List of Most-Targeted Platforms

The latest update comes a month after security group SEAL reported a major rise in malicious Google Ads targeting crypto users. It found that attackers were impersonating popular DeFi platforms, wallets, and trading applications to steal funds. SEAL said it recently blocked over 356 malicious Google ad URLs tied to crypto scams, which targeted platforms such as Uniswap, Morpho Finance, PancakeSwap, Hyperliquid, CoW Swap, and 1inch users.

According to the report, attackers used hacked or fraudulently obtained Google advertiser accounts and relied on cloaking, fingerprinting, and nested iframe delivery systems to bypass Google’s automated review checks. Many of the fake ads used trusted Google services such as sites.google.com and docs.google.com to appear legitimate in search results.

SEAL identified crypto drainer families, including Inferno Drainer and Vanilla Drainer, as the most commonly used malware in the campaigns. The report said these tools trick users into signing malicious wallet transactions or entering recovery seed phrases on cloned websites, allowing attackers to take control of wallet assets.

SEAL also added that the advanced infrastructure used in the attacks, including Cloudflare Workers, Arweave-hosted payloads, traffic redirection systems, and proxy layers, can intercept Ethereum RPC requests and monitor user activity in real time.

Uniswap was the most impersonated platform, accounting for 41% of tracked malicious sites. Between March 13 and March 30, confirmed and unattributed losses linked to the campaigns exceeded $1.27 million, although the security group said the actual figure was likely significantly higher.

Rampant Phishing Campaigns

While the recent Uniswap-related scams mainly involved fake websites and malicious Google Ads, a separate phishing campaign earlier this year targeted Ledger users through fraudulent emails. The attack followed a data breach at Ledger’s third-party e-commerce partner, Global-e, which exposed customer contact and order information.

The scammers claimed in emails that Ledger and Trezor had merged and urged users to migrate their wallets via fake websites that requested 24-word recovery phrases. The phishing pages closely copied the companies’ official branding and messaging styles.

More recently, Ripple CTO David Schwartz warned of a phishing campaign that sent fake security alerts that appeared to come from Robinhood’s official email system. The emails passed authentication checks because attackers exploited Robinhood’s account creation flow, which made the messages appear legitimate.

The phishing note claimed a new login from an “iPhone 17 Pro” and prompted users to review suspicious activity through a “Review Activity Now” button, which then directed them toward credential theft. Robinhood later confirmed the issue, but stated that no systems were breached and no funds were affected.

The post Fake Uniswap Website Drains Crypto Wallets as Scammers Pocket $400K appeared first on CryptoPotato.