News
12 May 2026, 06:00
INK Finance loses $140K as whitelist bypass exploit targets treasury infrastructure – Details

Repeated authorization exploits continue to expose operational weaknesses across DeFi treasury infrastructure.
12 May 2026, 02:40
Fluid Repays $19.3M in Bad Debt Following March Resolv Hack

BitcoinWorld Fluid Repays $19.3M in Bad Debt Following March Resolv Hack DeFi lending platform Fluid has announced the full repayment of $19.3 million in bad debt stemming from the March hack of the Resolv protocol. The resolution, detailed in a post-mortem report released by the platform, marks a significant step in addressing the financial fallout from the incident. How the Debt Was Covered According to Fluid’s report, the bad debt was fully covered through a coordinated effort involving the Fluid team, its governance treasury, and Resolv. The platform had approximately $100 million in exposure to Resolv, with a $21 million default occurring during a depegging event triggered by the hacker. Fluid’s own smart contracts were not compromised in the incident, the report clarified. Immediate Measures Taken In the wake of the hack, Fluid implemented several measures to stabilize its operations and mitigate further risk. These included halting its buyback program and reducing token issuance. The platform’s ability to absorb the loss without broader disruption to its lending services underscores the resilience of its financial model, though the event has raised questions about the risks associated with cross-protocol exposure in DeFi. What This Means for the DeFi Sector The resolution of this debt is a positive signal for the broader DeFi ecosystem, demonstrating that platforms can recover from significant exploits without collapsing. However, it also highlights the ongoing challenges of managing risk in a highly interconnected space. Fluid’s handling of the situation may serve as a case study for other protocols facing similar crises, particularly in terms of transparent communication and swift action. Looking Ahead: Security and Legal Frameworks Fluid has stated it plans to enhance its security protocols and introduce a legal framework for asset protection moving forward. These steps are intended to prevent similar incidents and provide clearer recourse in the event of future exploits. The platform’s commitment to transparency in its post-mortem report is likely to be viewed favorably by users and investors seeking accountability in the DeFi space. Conclusion The repayment of the $19.3 million bad debt by Fluid represents a significant milestone in the aftermath of the March Resolv hack. While the incident exposed vulnerabilities in cross-protocol dependencies, Fluid’s swift response and transparent reporting have helped restore confidence in its platform. The focus now shifts to the implementation of stronger security measures and legal safeguards to protect against future threats. FAQs Q1: What caused the $19.3 million bad debt on Fluid? The bad debt resulted from a $21 million default during a depegging event triggered by the March hack of the Resolv protocol, to which Fluid had approximately $100 million in exposure. Q2: Were Fluid’s own smart contracts compromised in the hack? No, Fluid confirmed that its own smart contracts were not compromised. The incident stemmed from exposure to the Resolv protocol. Q3: What measures is Fluid taking to prevent future incidents? Fluid plans to enhance its security protocols and introduce a legal framework for asset protection. It also halted its buyback program and reduced token issuance in the immediate aftermath of the hack. This post Fluid Repays $19.3M in Bad Debt Following March Resolv Hack first appeared on BitcoinWorld .
11 May 2026, 22:47
AI vs. AI: Binance touts fraud prevention wins, securing $10.53B for 5.4M user

With artificial intelligence lowering the barrier for cybercriminals to execute deepfakes and voice clones, crypto security has become an “AI vs. AI” arms race. Binance, the world’s largest cryptocurrency exchange by trading volume, has released its latest security report detailing how its autonomous systems are fighting fire with fire. How is Binance fighting crypto crime? According to a Binance Research report published in April, AI-powered exploits now cost roughly $1.22 per smart contract, and the cost is projected to fall by an additional 22% every two months. Advanced AI models achieve a 72.2% success rate in “exploit” mode on EVMbench, while the “detect” success rate runs at only half that. The crypto sector accounts for 88% of all detected deepfake fraud cases globally. Deepfake-related losses in North America alone exceeded $410 million in the first half of 2025. Crypto-related fraud reached an estimated $17 billion in 2025, a 30% year-over-year increase. AI-enabled scams are 4.5x more profitable than traditional ones, and impersonation tactics surged 1,400% year-on-year in 2025. Binance reports that it has responded by setting up over 24 AI security programs powered by more than 100 AI models, preventing approximately $10.53 billion from being stolen and protecting 5.4 million users from the beginning of 2025 through the first quarter of 2026. In the first quarter of 2026 alone, Binance’s AI risk control system interfered with 22.9 million scam and phishing attacks, safeguarding $1.98 billion in user funds. Roughly 57% of fraud detection work is now handled by AI, drastically reducing the rate of credit card fraud to 60-70% below the industry average. The platform has also blacklisted over 36,000 malicious on-chain addresses since its launch. DeFi hacks and scams persist While centralized exchanges like Binance are strengthening their defenses, the decentralized finance (DeFi) sector has continued to be a critical vulnerability. Binance CEO Richard Teng pointed out that in April 2026 alone , DeFi hacks amounted to $621 million, the highest since March 2022. Meanwhile, DeFi projects accounted for approximately $609 million of the April total. Exploiters extracted the funds across 28 separate incidents. “The industry must continue investing in security measures to protect its users,” Teng warned. Despite these alarming losses, DeFi hacks have steadily declined from $3.6 billion in 2020 to $1 billion in 2025. Notably, 66% of these April 2026 attacks were due to compromised access controls, with social engineering and DNS attacks as the dominant tactics. As for centralized exchanges, Binance’s AI defenses have shown remarkable success, dropping its phishing success rate eightfold from 3.2% to 0.4% and illicit fund exposure has been reduced by 96% thanks to its AI models. Beyond defense, the exchange is also taking proactive recovery measures. In 2025, Binance assisted in recovering approximately $12.8 million in funds for users and aided global law enforcement in freezing about $131 million in stolen assets. Binance also recently announced that its subsidiary, Binance Bahrain, successfully renewed its ISO/IEC 27001 (Information Security Management) and ISO/IEC 27701 (Privacy Information Management) certifications. The renewal, audited by A-LIGN, shows that the platform is complying with the highest international standards for safeguarding user data. Teng shared that he envisions Binance evolving into a “super financial app” and a multi-asset gateway for 3 billion users worldwide.” The smartest crypto minds already read our newsletter. Want in? Join them .
11 May 2026, 21:40
U.S. court authorizes DAO vote in latest twist of rsETH exploit recovery

A federal court authorized an Arbitrum DAO vote to move over 30,765 ETH tied to the rsETH exploit recovery into an Aave-controlled wallet under ongoing legal restrictions.
11 May 2026, 19:15
SIGMA bot blamed as attacker drains $200K from trader's wallets

Crypto trader and X personality Unihax0r lost +$200,000 on May 11 after someone drained two of his wallets across Ethereum, Base, and BSC. On-chain analysts think it was a private key leak linked to a Telegram trading bot. “Just got drained or hacked for more than 200k. Sick to my stomach,” Unihax0r posted on X. He shared the attacker’s wallet address and asked people to help trace the funds. Attacker swept three chains in under an hour This wasn’t a smart contract exploit since there’s no malicious token approval. On-chain analyst @k0braca1 looked at the transactions right after it happened and said it looked like a private key leak. The attacker “had full control over signing operations across multiple chains: Ethereum, Base and BSC.” The drain took somewhere between 10 and 30 minutes. The biggest chunks were about $125,000 in $POD tokens on Base and $21,000 in $FHE on BSC, plus ETH and smaller positions. The attacker even sent a bit of ETH to the Ethereum wallet first to cover gas for sweeping the remaining token balances. Hey bro, sorry this happened to you. My quick assessment of what happened. The exploit looks like a private key leak rather than related to any malicious transactions, as the attacker has full control over signing operations across multiple chains: Ethereum, Base and BSC. It… — kc (@k0braca1) May 11, 2026 SIGMA bot was the common thread Both crypto wallets that got drained were created via a Telegram multichain trading bot called SIGMA. Unihax0r imported those wallets into GMGN, which is another Telegram trading tool, and Rabby Wallet. Other wallets on Rabby and Jupiter were not drained since the SIGMA bot did not create them. This means that the SIGMA trading bot is the probable cause of this attack. Investigators in the community have come up with a few ideas about what caused the theft of secret keys: Telegram phishing through fake CAPTCHA bots that pop up when you use SIGMA. Malware or infostealer infections. Device compromise. Malicious browser extensions. Unihax0r said he checked his Telegram account and found no suspicious sessions, per Crypto Times. The stolen crypto went to an externally owned account that the attacker controls. The stolen crypto was transferred to an external wallet owned by the attacker. On-chain data shows the stolen tokens are already being mixed by the attacker. Most of the assets are still sitting in the attacker’s wallets on Base. Community members and fraud tracking accounts have offered to help trace funds, but the odds of getting the money back are low. Telegram bots are a structural weak point Crypto losses connected to Telegram trading bots keep piling up. When a user generates wallets through Telegram bots, the private keys get created and stored within the bot’s infrastructure. Security researchers from ForkLog warned about using Telegram bots to trade crypto. They explained that Telegarm bots “could potentially lead to asset losses and are not safeguarded against hacker attacks.” Telegram bot scams have been ramping up. Web3 anti-scam platform ScamSniffer said Telegram group malware scams jumped by 2,000% between November 2024 and January 2025. Attackers use fake verification bots and phony group invitations to push malware that can access wallets and browser data. Last September, Banana Gun, which is one of the most active Telegram trading bots, had 36 wallets exploited for 536 ETH. That was ~$1.9 million at the time. The bot went offline after that. If you're reading this, you’re already ahead. Stay there with our newsletter .
11 May 2026, 13:50
Ronin Network to Transition to Ethereum Layer 2 via May Hard Fork

BitcoinWorld Ronin Network to Transition to Ethereum Layer 2 via May Hard Fork Ronin (RON), the blockchain network originally built for the Axie Infinity ecosystem, will undergo a hard fork on May 12 to transition into an Ethereum Layer 2 network. The upgrade, first reported by CoinDesk, aims to bolster security, improve tokenomics, and enhance scalability following a major bridge exploit in 2022 that resulted in losses exceeding $600 million. Technical Transition and Security Enhancements By adopting the OP Stack — the development framework behind Optimism — Ronin will effectively become an Ethereum Layer 2 rollup. This shift allows the network to inherit Ethereum’s robust security model while benefiting from higher transaction throughput and lower fees. The move addresses long-standing concerns about the network’s security architecture, which was severely tested during the 2022 hack when attackers drained funds from the Ronin bridge. New Staking Reward Model Following the hard fork, Ronin will implement a revised staking reward system. Instead of the previous uniform distribution model, rewards will be allocated based on validator contributions to network security and transaction validation. This change is designed to incentivize active participation and strengthen the network’s overall reliability. Implications for RON Token Holders For current RON token holders, the transition means their tokens will continue to function within the new Layer 2 environment, though the staking mechanics will change. The network has stated that no action is required from users to prepare for the hard fork, but validators and node operators will need to update their software to remain compatible. Broader Context and Industry Significance The move reflects a broader trend among gaming and application-specific blockchains to adopt Ethereum’s Layer 2 infrastructure. By aligning with the OP Stack, Ronin joins a growing list of networks leveraging Optimism’s technology stack, which now includes Base (Coinbase) and several other chains. This consolidation around shared infrastructure could improve interoperability and liquidity across the Ethereum ecosystem. Ronin’s transition also signals a maturing approach to blockchain security post-exploit. The 2022 hack, one of the largest in crypto history, prompted extensive security audits and architectural reviews. The shift to Ethereum Layer 2 represents a fundamental redesign rather than incremental fixes, addressing root causes rather than symptoms. Conclusion The May 12 hard fork marks a pivotal moment for Ronin, transitioning from a standalone sidechain to a fully integrated Ethereum Layer 2. While the technical details are complex, the core benefit for users is clear: enhanced security backed by Ethereum’s proven infrastructure, alongside improved tokenomics designed to reward active network participation. The upgrade will be closely watched as a case study in post-exploit blockchain recovery and migration strategies. FAQs Q1: Will the hard fork affect my RON tokens? No. RON tokens will continue to function after the hard fork. However, staking rewards will be calculated differently under the new contribution-based model. Q2: Do I need to do anything to prepare for the hard fork? Most users do not need to take any action. Validators and node operators must update their software to remain compatible with the new network. Q3: Why is Ronin moving to Ethereum Layer 2? The primary reasons are improved security (by leveraging Ethereum’s consensus), better scalability, and a more sustainable tokenomics model. The 2022 bridge hack exposed vulnerabilities in the original sidechain architecture. This post Ronin Network to Transition to Ethereum Layer 2 via May Hard Fork first appeared on BitcoinWorld .














































