News
18 May 2026, 08:49
Versus-Ethereum Bridge Exploited: Analyzing Chain of Events

Another day, another DeFi-related hack, this time it's a large Ethereum bridge.
18 May 2026, 08:32
Aave restores WETH collateral rates to pre-attack levels

🚨 $292 million in tokens minted after April’s WETH exploit. Aave has officially restored WETH collateral rates across six major networks. ⏩ Critical development: Full recovery signals renewed DeFi confidence in $AAVE. Continue Reading: Aave restores WETH collateral rates to pre-attack levels The post Aave restores WETH collateral rates to pre-attack levels appeared first on COINTURK NEWS .
18 May 2026, 08:31
Hacker Steals Over $11M From Verus-Ethereum Bridge

Hackers have reportedly drained $11.58 million from the Verus-Ethereum bridge. According to alerts from various blockchain security platforms, the exploit hit one of Verus’ cross-chain bridge contracts and emptied reserves containing ETH, tBTC, and USDC. How the Attack Worked Two of the firms, CertiK and PeckShield, flagged suspicious activity from the bridge contract at 0x71518580…cd7f63 within hours of the exploit. Per their posts on X, the stolen assets totaled 1,625 ETH, 103.56 tBTC, and 147,000 USDC, with the attacker quickly swapping everything into approximately 5,402 ETH and parking the funds in a separate wallet. Another on-chain security firm, Blockaid, published a technical breakdown shortly after, and it is the clearest account of what went wrong. According to them, the bridge correctly checked three things: a notarized Verus state root signed by eight of fifteen notaries, a Merkle proof of the cross-chain export, and a hash binding confirming the integrity of the transfer data. However, what it did not check was whether the source-chain export’s stated amounts actually matched what it was about to pay out. The attacker reportedly built a transaction on the Verus side for roughly 0.02 VRSC, which is about $0.01 at current prices, that committed a keccak hash of a payout blob while listing empty source-side totals. The Verus protocol accepted it as legitimate, and the notaries signed the resulting state root without issue, because from their perspective, nothing was wrong. On the Ethereum side, the attacker called submitImports() with a serialized transfer blob whose hash matched the committed value, so the bridge verified the hash, decoded the blob, and paid out 1,625 ETH, 103 tBTC, and 147,000 USDC from its reserves to the attacker. In a nutshell, it cost the attacker about $10 in VRSC fees for a return of $11.58 million. Per the Blockaid report, there was no ECDSA bypass, no compromise of notary keys, and no parser or hash-binding bug. The vulnerability was a missing source-amount validation in a function called “checkCCEValues,” which, according to the security firm, would take around ten lines of Solidity to fix. Bridge Exploits Are on the Rise Last month, according to Certik, the wider crypto sector lost more than $650 million to bad actors, with a huge chunk of that amount coming from just two incidents: an attack on KelpDAO that led to the theft of more than $292 million and another on Drift Protocol, which lost over $285 million. Bridges are also being increasingly targeted, with the Verus exploit being the eighth incident involving such platforms this year, and according to PeckShield, their attackers have made off with at least $328 million. Meanwhile, looking at the market, VRSC, the Verus native token, didn’t seem to have reacted to the news of the exploit. Data from CoinGecko shows that it was largely flat on the day of the hack, having barely moved in the 24-hour window heading into the attack. At the time of writing, it was trading at around $0.75, down 6% in 30 days, while in the last year it has lost close to 73% of its value. The post Hacker Steals Over $11M From Verus-Ethereum Bridge appeared first on CryptoPotato .
18 May 2026, 08:30
Ethereum Price Prediction: Verus DeFi Protocol Exploit Drains $11 Million

Ethereum price is down, just barely holding $2,100, and a fresh protocol risk has just handed another bearish prediction. A cross-chain bridge exploit drained over $11 million just now, rattling sentiment at exactly the wrong moment. ALERT: VERUS-ETHEREUM BRIDGE HACKED FOR $11.4 MILLION PeckShieldAlert says the Verus-Ethereum Bridge was drained for 103.6 $tBTC , 1,625 $ETH , and 147,000 $USDC . The attacker has already swapped the stolen funds into 5,402 $ETH , now sitting in a single wallet. The exploiter’s… pic.twitter.com/OEr6frBLkB — Coin Bureau (@coinbureau) May 18, 2026 The Verus-Ethereum bridge was the target. An attacker extracted 103.6 tBTC, 1,625 ETH, and 147,000 USDC before swapping the haul into 5,402.4 ETH, worth just over $11 million. The exploit follows a brutal pattern: Kelp DAO lost $293 million in April via LayerZero’s cross-chain messaging system, and the Drift attack earlier this year added $270 million to the industry’s running tab. All these bridge exploits consistently produce the largest individual losses in any given year. Oracle and protocol vulnerabilities remain a systemic threat, too. Discover: The best pre-launch token sales Ethereum Price Prediction: Reclaim $2,200 Before Bears Take Control ETH is grinding through a bearish-to-neutral consolidation zone with limited near-term catalysts to reverse it. The current price is $2,110, with the RSI at 34, indicating weak overall momentum. Key levels define the near-term range. Support sits just at $2,100; a close below that opens the door to further downside with few obvious technical floors. Resistance clusters at $2,200, then $2,250 if ETH manages a convincing breakout. Ethereum (ETH) 24h 7d 30d 1y All time Bull case: ETH holds $2,100, volume picks up, reclaims $2,250, with analysts projecting $2,425 in average. Base case: Sideways chop between $2,100 and $2,200 as the market digests the exploit and awaits ETF flow data. Bear case: A close below $2,100 on elevated volume invalidates the consolidation thesis entirely, with the next meaningful support significantly lower. On-chain liquidity and DeFi market structure suggest the exploit adds friction to any recovery. Rotation out of smaller DeFi names is already visible. ETH needs a catalyst, not just a bounce. Discover: The best crypto to diversify your portfolio with LiquidChain Targets Early Mover Upside as Ethereum Tests Key Levels ETH consolidating near six-week lows while cross-chain infrastructure keeps getting exploited raises an uncomfortable question for DeFi participants: what does a safer, unified liquidity architecture actually look like? The current fragmentation of assets siloed across Bitcoin, Ethereum, and Solana is precisely what makes bridges high-value attack surfaces. To put it into perspective, the $293 million Kelp DAO loss was a LayerZero messaging failure, not a smart contract bug. https://twitter.com/getliquidchain/status/1988272292158403044?s=20 LiquidChain is a Layer 3 infrastructure project building what it calls the Cross-Chain Liquidity Layer, fusing BTC, ETH, and SOL liquidity into a single execution environment. The architecture centers on four components: a Unified Liquidity Layer, Single-Step Execution, Verifiable Settlement, and a Deploy-Once model that lets developers access all three ecosystems without redeploying across chains. The presale token, $LIQUID , is currently priced at $0.0146 , with $770K raised to date. The project is also currently giving a 1500% APY staking bonus only for early buyers. Research LiquidChain and review the presale details here. The post Ethereum Price Prediction: Verus DeFi Protocol Exploit Drains $11 Million appeared first on Cryptonews .
18 May 2026, 08:19
Verus Ethereum Bridge Attack Siphons $11M+, Cross Chain Weakness Rise in 2026

The decentralized finance (DeFi) sector is facing yet another serious security breach , as the Verus Ethereum bridge has become a casualty of an escalating series of cross-chain exploits. As of the time this is being reported, the attack is still ongoing with damages already exceeding $11.58 million worth. Such incidents are a consequence of the revelation of gaps in bridge architecture which has existed even before. Preliminary assessments from a few blockchain security firms, reported that the exploit is not only financially large but technically complicated as well and could involve basic vulnerabilities in how validation protocols or contract permission schemes are built. With the investigations getting underway, however, this Verus case is quickly blossoming into a major flagship example of how systemic risks in cross-chain infrastructure can proliferate. Total Assets Diverted From The Bridge According to detailed reports after Blockaid incident update and confirmation on fortifies of the exploit by PeckShield alert on the exploit, which identifies unique assets looted from the breach, the attacker drained the bridge of 103.6 tBTC, 1,625 ETH, and approximately 147k USDC. The assets were then pooled and swapped into 5,402 ETH, roughly $11.4 million at the time. Community alert: Blockaid's exploit detection system has identified an on-going exploit on the @veruscoin Verus-Ethereum Bridge ( https://t.co/HEwYZqFEfC ). ~$11.58M drained so far. More details in — Blockaid (@blockaid_) May 18, 2026 The swap of the asset is a typical pattern after exploits take place, where they collect disparate tokens and turn them into a single high-value liquid cryptocurrency (in this case ETH) to simply transfer or wash. Another interesting point is how the attackers funded their wallet initially: as Peckshield pointed out, it was filled with only 1 ETH through Tornado Cash around 14h before the hack. The usage of privacy-enhancing tools like this is just further evidence of the continual evolution to obscure the attribution of malicious activity. Attack Method Suggests Weakness In Bridge Logic Insufficient technical specifications have yet to be fully assessed but preliminary analysis suggests the exploit exploited a weakness in the bridge’s main logic. The analysis by GoPlus Security shows that the attacker started submitting a low-value transaction to the bridge contract. This seemingly innocent action was then quickly followed by the execution of a designated function that initiated an undesired transfer of reserve assets directly into the hacker’s wallet. GoPlus Security Alert: @veruscoin ’s Verus-Ethereum Bridge has been exploited, resulting in an estimated loss of approximately $11.5M. The attacker drained a large amount of assets from the Ethereum side of the bridge in a single transaction (1,625 ETH + 103.57 tBTC + 147K… pic.twitter.com/F2EhhYfbCD — GoPlus Security (@GoPlusSecurity) May 18, 2026 GoPlus Security initially proposed some possible root causes: holes in cross-chain message validation failure; signature forgery; withdrawal logic error; access control policies and implementation mistakes. All of these fields are critical to the security of bridges. Compromise in any can let attackers bypass protections and deplete pooled funds, which is exactly the breach we have observed. While the criticism was expected, some were disappointed by the lack of immediate response. The Verus developers have not released any official comment on the exploit by the time of publishing. The silence is deafening, especially considering the size and continuity of the unprecedented attack. Prompt communication in a DeFi incident has been important as containment, coordination and user confidence hinges on this. Without communication the threat of decaying market confidence looms especially damaging as bridge exploits are hitting headlines nationally throughout 2026. Bridge Exploits Account for Massive Majority of Losses in 2026 The exploit of Verus is merely one in a larger trend this year that has left millions of dollars worth of various dollars damaged on cross-chain bridges. According to data from PeckShield, in 2026 there were eight large bridge hacking incidents with a cumulative loss of $328.6 million. The biggest incident is still the KelpDAO/LayerZero exploits with a loss of $292m. Among these incidents, the largest was the KelpDAO / LayerZero exploit, which accounted for a staggering $292 million in losses. Other notable breaches include the Verus Ethereum bridge at $11.4 million, THORChain at around $10 million, and the IoTeX bridge at $8.8 million. #PeckShieldAlert As of mid-May 2026, the crypto space has witnessed 8 major #bridge -related exploits, with hackers exfiltrating a cumulative $328.6M from cross-chain protocols. The table below outlines the details of these incidents: pic.twitter.com/0xTNxIHi4b — PeckShieldAlert (@PeckShieldAlert) May 18, 2026 The dominance of bridge-related losses underscores a long-term challenge for the industry: Although bridges are an important enabling technology for cross-chain interoperability, they can also create complex attack vectors that are hard to defend against completely. Increasing Complexity In Cross-Chain Attacks From Data One of the most interesting aspects of the Verus exploit is how small and simple the initial transaction was, especially for such a massive transfer of assets. Low-Value Transaction to Activate Huge Transfer by Attacker, this shows that minor oversights in terms of contract design with minimum value can cause major disasters. At the same time, background measures, such as sending cash to support the attackers pockets via Tornado Money, show an operational end level that is very much in line with progressively industrialized risk stars. What makes this stand out is the combination of simple harvesting techniques with strategic misdirection, something that is becoming common-place in modern-day DeFi exploits. Adversaries are not just finding tech weaknesses, they know what it is and fine-tuning their social engineering, looking to do as much damage with the least detection. Industry Continues To Reckon With Security The continuous targeting of bridge infrastructure in the DeFi space forces fundamental questions about the resilience of current security paradigms, as we witness this sector mature. Bridges, which allow for liquidity and interoperability between blockchains, are necessarily complex; therefore achieving complete security is a difficult problem. Every hack that transpires strengthens the case for more robust validation systems, stricter contract audits, and perhaps even entirely new architectural frameworks to minimize reliance on centralized or semi-centralized elements. The Verus Ethereum bridge exploit is a timely reminder of the dangers in DeFi when it’s confronted by new tools. The same retaliation based attacks were seen during the ill-fated launch of Project Mist, and as such it seems these types of threats won’t be going anywhere fast. Unfortunately, attackers constantly change, which means that the industry has to build systems not only against known threats but also against unanticipated vulnerabilities in the future. Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services. Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news !
18 May 2026, 07:13
Crypto security is turning into an AI arms race as agents may overwhelm compliance teams

AI agents and automated payments could reach a scale that crypto monitoring systems built for human-paced markets cannot handle, Elliptic CEO Simone Maini warned.





































