News
21 May 2026, 02:35
RetoSwap Monero DEX Exploited: $2.7 Million in XMR Stolen

Monero-based decentralized exchange RetoSwap has suffered a security breach, resulting in the theft of approximately 7,000 XMR, valued at around $2.7 million at current market prices. The incident was first flagged by blockchain security firm PeckShield, which identified the exploit on the platform.

Details of the RetoSwap Exploit

According to PeckShield’s preliminary analysis, the attacker exploited a vulnerability within RetoSwap’s smart contract infrastructure. The exact nature of the exploit (whether it involved a flash loan attack, a price oracle manipulation, or a code vulnerability) has not yet been fully disclosed by the RetoSwap team. The stolen funds were moved to a separate wallet address, and the attacker has not yet attempted to launder the XMR through known mixing services, according to on-chain data analysts.

Implications for Privacy-Focused DeFi

This attack highlights the persistent security challenges facing decentralized exchanges, particularly those built on privacy-focused blockchains like Monero. While Monero’s inherent privacy features make transaction tracing difficult, they also introduce unique complexities for smart contract development and auditing. The RetoSwap incident serves as a stark reminder that DeFi platforms, regardless of their underlying blockchain, must prioritize rigorous security audits and bug bounty programs to protect user funds.

Market and Community Response

The Monero community has reacted with concern, as the hack undermines trust in the nascent Monero DeFi ecosystem. XMR’s price saw a minor dip of approximately 1.5% in the hours following the news, reflecting a cautious market sentiment. RetoSwap has not yet released an official post-mortem or announced plans for user reimbursement, leaving affected users in a state of uncertainty.

This incident follows a pattern of similar exploits targeting smaller DEXs, where liquidity pools are often less diversified and security measures may be less robust than those on larger platforms.

Conclusion

The $2.7 million theft from RetoSwap underscores the ongoing security risks within the decentralized finance space, particularly for niche platforms. As the investigation unfolds, the incident will likely prompt renewed calls for enhanced security standards and more transparent incident response protocols across the Monero ecosystem.

FAQs

Q1: What is RetoSwap?
RetoSwap is a decentralized exchange (DEX) built on the Monero blockchain, allowing users to swap Monero-based tokens without a central intermediary.

Q2: How much was stolen in the RetoSwap hack?
Approximately 7,000 XMR, valued at around $2.7 million at the time of the attack, was stolen.

Q3: Has the attacker been identified?
No. The attacker’s identity remains unknown. The funds have been moved to a separate wallet, but no laundering activity has been publicly detected yet.
21 May 2026, 01:40
TAC Recovers Majority of Funds After $2.85M TON Bridge Exploit, Users Made Whole

Blockchain project TAC has successfully recovered the majority of funds stolen in a $2.85 million exploit targeting its TON bridge on May 11, according to a detailed post-mortem report released by the team. The incident, which involved a sophisticated attack on the bridge’s verification system, initially resulted in the loss of locked assets on the TON side and the unauthorized issuance of uncollateralized assets on the TAC platform.

How the Exploit Worked

The post-mortem reveals that the attacker bypassed the bridge’s code hash verification by deploying a counterfeit contract designed to mimic a legitimate jetton wallet. This fraudulent contract tricked the bridge into processing fake inputs as valid USDT deposits. As a result, the bridge issued uncollateralized assets on the TAC side while draining the corresponding locked assets from the TON network. The stolen funds were quickly laundered across multiple blockchain networks using the LayerZero interoperability protocol, a common tactic employed by attackers to obscure the trail and complicate recovery efforts. Security firm Hypernative detected the breach immediately, but initial recovery attempts were unsuccessful.

Recovery and User Compensation

Despite the early setback, TAC stated that it has recovered most of the stolen funds through direct negotiations with involved parties. To ensure no user bears a loss, the project will use its foundation treasury to cover any remaining shortfall, guaranteeing that all affected users are fully compensated. The team emphasized that the bridge’s sequencer, which was paused following the exploit, will be gradually reactivated only after undergoing external audits and peer reviews to prevent a recurrence.

Why This Matters for DeFi Security

This incident highlights a persistent vulnerability in cross-chain bridge infrastructure: the reliance on code hash verification as a security gate. Attackers are increasingly finding ways to deploy look-alike contracts that pass superficial checks, exploiting trust assumptions in the verification process. For users, the outcome here is relatively positive, but it underscores the importance of using bridges that have undergone rigorous, independent security audits and maintain robust monitoring systems. The speed with which funds were moved across networks via LayerZero also demonstrates the growing sophistication of crypto laundering techniques, placing additional pressure on security firms and blockchain analytics platforms to improve real-time detection capabilities.

Conclusion

TAC’s swift recovery of most funds and its commitment to full user compensation represent a best-case scenario following a serious security breach. However, the attack serves as a reminder that cross-chain bridges remain high-value targets. The project’s decision to subject its patched sequencer to external audits before full reactivation is a prudent step toward rebuilding user trust and strengthening long-term security posture.

FAQs

Q1: How much was stolen in the TAC bridge exploit?
The attacker drained approximately $2.85 million in locked assets from the TON side of the bridge.

Q2: Will TAC users lose money from this hack?
No. TAC has recovered most of the funds and will use foundation reserves to cover any remaining losses, ensuring all users are fully compensated.

Q3: What security flaw did the attacker exploit?
The attacker bypassed the bridge’s code hash verification by deploying a counterfeit contract that mimicked a legitimate jetton wallet, tricking the bridge into processing fake USDT deposits.
20 May 2026, 22:54
Trump administration weighs AI model reviews as tech giants race to ship faster

The Trump administration is looking at a new order that would let US security agencies check powerful AI models before companies put them out for the public. The plan came up in a White House briefing led by the Office of the National Cyber Director. The meeting included OpenAI, Anthropic, and Reflection AI, all private companies. The order could be signed by Donald Trump as soon as Thursday.

The plan would set up a “voluntary framework” for companies building frontier AI systems. Under that setup, AI firms would tell the US government before major launches. They could also give agencies access to advanced models up to 90 days before those models reach users.

Trump lets agencies check frontier AI systems before public launches

The AI section of the order will emphasize “covered frontier models,” which means that the government will first determine which AI technologies are sufficiently significant to receive additional review. This won’t involve an examination in one particular office but rather several agencies that will evaluate models before their release.

The expected executive order will have two key provisions, one related to cybersecurity and another related to advanced AI models. While the cybersecurity provision will target the Pentagon, national security agencies, hospitals, financial institutions, and other critical infrastructure throughout the country, the second provision is related to expanding the pool of cyber experts hired. This includes increasing the number of employees at the US Tech Force, a program launched by OPM director Scott Kupor late last year. According to Kupor, the purpose of the US Tech Force program was to recruit top-tier AI specialists into federal agencies.

The order would also push AI companies and the government to share more details about security breaches. That part is about speed. If a company finds a weak spot or gets hit, federal teams want that information faster, not three meetings and a dead inbox later.

Treasury builds a clearinghouse while NSA gets final AI review power

The Treasury Department would lead a voluntary project with AI companies and owners of critical infrastructure. That project would create a clearinghouse within 30 days. The job of the clearinghouse would be simple: find security holes and help fix them. The Office of the National Cyber Director, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency would support Treasury’s work. CISA and the National Institute of Standards and Technology would also help build the model review process.

The second section would give Treasury, CISA, and NIST 60 days to create a classified test process for deciding what counts as a covered frontier model. White House chief of staff Susie Wiles, National Cyber Director Sean Cairncross, and Michael Kratsios, who leads the White House Office of Science and Technology Policy, would also take part. After that, Wiles, Cairncross, and Kratsios would stay tied to the process through their offices. The NSA would have the final say after speaking with the other agencies.

The White House started meeting with tech and cyber groups after Anthropic showed Mythos last month to a small group of tech companies and security researchers. A White House official called the reports “speculation” and said any real announcement would come from Trump. The drafting has also shown disagreements inside the Trump administration over how much review frontier AI models should face before launch.
20 May 2026, 19:45
Drift Protocol triggers frustrated response with Insurance Fund withdrawal update

Drift Protocol has announced that its Insurance Fund depositors will be able to pull their stakes once the protocol restarts. However, the update drew a frustrated response from a user base that seems to have grown visibly impatient with the pace of Drift’s recovery process.

The update, which was shared on X on Wednesday, May 20, comes seven weeks after a $280 million exploit forced the Solana-based exchange offline. Since the April 1 attack, which is linked to a DPRK-affiliated threat actor, Drift’s community has pushed back at the platform’s recovery milestones. A governance proposal to convert remaining borrow/lend assets into stablecoins resulted in accusations of unfairness. Redemption terms that penalize early withdrawers have also drawn criticism. And now, an update confirming what depositors already knew was their right is not being seen as reassurance but more as a reminder of how far recovery still has to go.

What is Drift’s Insurance Fund for?

Drift’s Insurance Fund was put in place as the protocol’s first line of defense when leveraged positions go bankrupt. Users staked USDC, SOL, BTC, or ETH into asset-specific pools and earned a share of trading and liquidation fees in exchange for absorbing bad debt when liquidations fall short. The latest update by Drift confirms this feature and its use case, stating that the fund “exists to maintain protocol solvency in the event of bankruptcies.”

However, since the protocol has been paused since April 1, Insurance Fund stakers have been locked out of their capital with no yield accruing. Now, users who fall under this category can look forward to receiving their funds when the protocol goes live again.

Why is Drift’s recovery plan drawing criticism?

Drift published its recovery framework on May 5, laying out a token-based compensation system. The protocol stated that “Every wallet impacted by the April 1 exploit will be issued a recovery token that represents their verified loss and proportional claim on the recovery pool.” According to Drift, each recovery token is equivalent to $1. It also mentioned in the same thread that it has created a recovery pool, which will be seeded with roughly $3.8M, the protocol’s remaining assets converted to USDT. It stated that redemption opens after the recovery pool crosses $5 million, and it currently plans to grow that pool through three capital streams: quarterly exchange revenue, the $127.5 million commitment made by Tether to support the relaunch, and up to $20 million from strategic partners. Users who redeem early will forfeit their remaining claim and receive a pro-rata share of whatever the pool holds at that point.

The next day, on May 6, Drift made a post on X to clarify its position, stating, “Users are able to redeem at any time after redemption opens; however, early redemption occurs at a discount to the full claim value as users receive a pro-rata share of the current pool.” It added that “Holders who wait may benefit from a higher recovery price as the pool continues to grow.”

However, the update did not receive a warm reception from its community, with one user on the Drift governance forum calling the DAO vote on reallocating Insurance Fund assets “effectively an attempt at money laundering” and warning that “anything other than a full return of funds would constitute wire fraud.” Others questioned why governance was voting on converting remaining spot assets to stablecoins before Drift or Tether had disclosed specific contribution amounts to the recovery pool. Another commenter pointed out that the proposal “favors simplicity over distributional fairness,” noting that some users had spot-only exposure to assets that were never actually drained.

The DeFi United comparison compounds the frustration

Cryptopolitan has previously reported on the rsETH bridge recovery coordinated through DeFi United following the April 18 LayerZero exploit. That process moved from exploit to operational restart in 26 days, with Aave transferring the first 25,000 rsETH tranche back into the bridge adapter on May 13. The contributions and ecosystem support ensured that the affected platforms did not have to negotiate with the attacker. A federal court order cleared the way for recovered ETH to move, and contracts began unpausing for withdrawals within 24 hours.

For Drift’s users, it is hard to hide frustration after observing how the Aave and KelpDAO incident was handled, particularly since that incident occurred a few weeks after the Drift exploit.

What will happen to Drift users?

Drift has said it aims to relaunch in Q2 2026 as a leaner, perpetual-focused exchange. Key governance votes on the recovery pool methodology and Insurance Fund treatment are still pending. The protocol’s TVL sits at roughly $243 million, according to DefiLlama, down from over $550 million before the exploit. The DRIFT token trades near its all-time low at $0.028. Drift’s fortunes are now tied to its relaunch timeline and how well its revenue-based recovery can credibly close a $280 million gap, as that will go a long way in determining whether what is left of its community sticks around.
20 May 2026, 16:15
Quantum Computing Threatens 10% of Bitcoin Supply, Glassnode Warns

A new report from blockchain analytics firm Glassnode has revealed that approximately 10% of the total Bitcoin supply, roughly 1.92 million BTC, is structurally vulnerable to future quantum computing attacks. The finding underscores a growing concern within the cryptocurrency industry as quantum technology advances toward practical application.

Why These Bitcoins Are at Risk

The vulnerability stems from the design of certain Bitcoin address types that expose public keys by default. Glassnode identified three primary categories at risk: Pay-to-Public-Key (P2PK) outputs from the early Satoshi Nakamoto era, legacy multisig structures such as Pay-to-Multisig (P2MS), and Pay-to-Taproot (P2TR) outputs. Unlike modern addresses that only reveal a public key when a transaction is made, these formats inherently disclose cryptographic information that a sufficiently powerful quantum computer could theoretically exploit to derive private keys.

This is not an immediate threat. Current quantum computers remain far from the capacity needed to break Bitcoin’s elliptic curve cryptography. However, the report emphasizes that the structural exposure is permanent for these coins, meaning they will become increasingly attractive targets as quantum hardware matures.

Historical Context and Scale

The 1.92 million BTC figure includes coins from the earliest days of Bitcoin, including those mined by Satoshi Nakamoto. These coins have remained untouched for over a decade, but their public keys are visible on the blockchain forever. The report notes that while many of these addresses may belong to long-lost wallets or inactive holders, their cryptographic exposure cannot be reversed.

Glassnode’s analysis differentiates between theoretical risk and practical exploitability. The firm stressed that the vulnerability is structural rather than active, but the lack of a migration pathway for these coins presents a long-term security challenge for the network.

Proposed Solutions: BIP-360 and Pay-to-Merkle-Root

In response to the growing quantum threat, the Bitcoin Improvement Proposal BIP-360 has been introduced, suggesting a new output type called Pay-to-Merkle-Root (P2MR). This wallet format is designed to be highly resistant to quantum computing attacks by using Merkle tree structures that obscure public key information until the moment of spending. The proposal also enables voluntary migration, allowing users to move funds from vulnerable addresses to more secure ones without disrupting the existing network.

Adoption of P2MR would require consensus from the Bitcoin community and wallet developers. The proposal is still under discussion, but it represents a proactive step toward future-proofing the network against cryptographic advances.

Why This Matters for Bitcoin Holders

For everyday Bitcoin users, the immediate risk is low. Most modern wallets use SegWit or native SegWit addresses that do not expose public keys until a transaction is signed. However, the report serves as a reminder that the cryptocurrency ecosystem must evolve alongside technological threats. Investors holding large amounts in legacy addresses, particularly those from the early mining era, may want to consider migrating to newer, quantum-resistant formats as they become available.

The broader implication is that quantum computing is no longer a distant theoretical concern for the crypto industry. As research accelerates, the window for implementing defensive measures is narrowing. Glassnode’s report adds urgency to ongoing discussions about cryptographic agility and network upgrades.

Conclusion

Glassnode’s analysis highlights a significant but manageable vulnerability in the Bitcoin network. While no immediate threat exists, the structural exposure of 1.92 million BTC demands attention from developers, miners, and holders alike. Proposals like BIP-360 offer a pathway to security, but their success depends on timely adoption and community consensus. For now, the report serves as a critical wake-up call for an industry that must prepare for a post-quantum future.

FAQs

Q1: Is my Bitcoin at risk from quantum computing right now?
No. Current quantum computers are not powerful enough to break Bitcoin’s cryptography. The risk is future-oriented, and most modern wallets are not structurally vulnerable.

Q2: Which Bitcoin addresses are most vulnerable?
Pay-to-Public-Key (P2PK), Pay-to-Multisig (P2MS), and Pay-to-Taproot (P2TR) outputs are considered structurally vulnerable because they expose public keys by design.

Q3: What can I do to protect my Bitcoin?
Use modern wallet types such as SegWit or native SegWit addresses. Monitor developments around BIP-360 and consider migrating funds to quantum-resistant formats once they are widely supported.
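The distinction the report draws between key-exposing output types (P2PK, bare multisig, P2TR) and hash-based ones (P2PKH, P2WPKH) is visible directly in the scriptPubKey, so a holder can audit their own UTXOs for it. The script below is an added example, not Glassnode's code or methodology: it classifies standard output templates from raw script bytes and tallies the value held in exposed outputs; all keys, hashes and amounts in it are constructed sample data.

```python
# Added example, not from Glassnode's report: classify Bitcoin scriptPubKeys by key exposure.
OP_0, OP_1, OP_16, OP_DUP, OP_HASH160 = 0x00, 0x51, 0x60, 0x76, 0xA9
OP_EQUALVERIFY, OP_CHECKSIG, OP_CHECKMULTISIG = 0x88, 0xAC, 0xAE


def tokenize(script: bytes) -> list:
    """Split a script into tokens: bytes for pushed data, int for opcodes (direct pushes only)."""
    toks, i = [], 0
    while i < len(script):
        op, i = script[i], i + 1
        if 1 <= op <= 0x4B:            # opcode value is the push length
            toks.append(script[i:i + op])
            i += op
        else:
            toks.append(op)
    return toks


def is_pubkey(item) -> bool:
    # SEC-encoded key: 33 bytes with 02/03 prefix or 65 bytes with 04 prefix
    return isinstance(item, bytes) and (
        (len(item) == 33 and item[0] in (2, 3)) or (len(item) == 65 and item[0] == 4))


def classify(script: bytes) -> tuple:
    """Return (output type, exposes_pubkey). Hash-based types reveal the key only on spend."""
    t = tokenize(script)
    if len(t) == 2 and isinstance(t[0], int) and isinstance(t[1], bytes):
        if t[0] == OP_0 and len(t[1]) == 20:
            return ("P2WPKH", False)   # 20-byte key hash
        if t[0] == OP_1 and len(t[1]) == 32:
            return ("P2TR", True)      # 32-byte x-only output key sits in the script
    if len(t) == 2 and is_pubkey(t[0]) and t[1] == OP_CHECKSIG:
        return ("P2PK", True)          # raw key in the script (Satoshi-era outputs)
    if len(t) == 5 and t[:2] == [OP_DUP, OP_HASH160] and t[3:] == [OP_EQUALVERIFY, OP_CHECKSIG] \
            and isinstance(t[2], bytes) and len(t[2]) == 20:
        return ("P2PKH", False)
    if len(t) >= 4 and t[-1] == OP_CHECKMULTISIG and isinstance(t[0], int) \
            and isinstance(t[-2], int) and OP_1 <= t[0] <= OP_16 and OP_1 <= t[-2] <= OP_16:
        m, n, keys = t[0] - OP_1 + 1, t[-2] - OP_1 + 1, t[1:-2]
        if m <= n == len(keys) and all(is_pubkey(k) for k in keys):
            return (f"P2MS {m}-of-{n}", True)   # bare multisig: every key is public
    return ("nonstandard", False)


def exposure_summary(utxos) -> dict:
    """Value held in key-exposing outputs; utxos is a list of (scriptPubKey, sats)."""
    by_type, total = {}, 0
    for script, sats in utxos:
        kind, exposed = classify(script)
        total += sats
        if exposed:
            by_type[kind] = by_type.get(kind, 0) + sats
    exposed_sats = sum(by_type.values())
    return {"exposed_sats": exposed_sats, "total_sats": total,
            "share": exposed_sats / total if total else 0.0, "by_type": by_type}


KEY1 = bytes([0x02]) + bytes(range(1, 33))     # constructed fake compressed key
KEY2 = bytes([0x03]) + bytes(range(33, 65))    # constructed fake compressed key
TAPKEY, HASH20, BTC = bytes(range(100, 132)), bytes(range(20)), 100_000_000  # constructed
SAMPLE_UTXOS = [                               # constructed sample UTXO set
    (b"\x21" + KEY1 + b"\xac", 50 * BTC),                          # P2PK
    (b"\x51\x21" + KEY1 + b"\x21" + KEY2 + b"\x52\xae", 10 * BTC),  # 1-of-2 bare multisig
    (b"\x51\x20" + TAPKEY, 5 * BTC),                               # P2TR
    (b"\x00\x14" + HASH20, 30 * BTC),                              # P2WPKH
    (b"\x76\xa9\x14" + HASH20 + b"\x88\xac", 5 * BTC),             # P2PKH
]
```

Note that a P2PKH or P2WPKH output whose address has already been spent from once has its key on-chain too, so the structural classification above is a floor on exposure, not the full picture.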
20 May 2026, 15:31
Drift says Insurance Fund deposits remain safe after exploit backlash

Drift Protocol says Insurance Fund deposits were not impacted by the exploit and can still be withdrawn after relaunch.