• bitcoinBitcoin (BTC) $ 62,698.00
  • ethereumEthereum (ETH) $ 1,761.42
  • tetherTether (USDT) $ 0.999089
  • bnbBNB (BNB) $ 575.62
  • usd-coinUSDC (USDC) $ 0.999754
  • xrpXRP (XRP) $ 1.13
  • solanaSolana (SOL) $ 80.20
  • tronTRON (TRX) $ 0.324715
  • staked-etherLido Staked Ether (STETH) $ 2,265.05
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.01
  • hyperliquidHyperliquid (HYPE) $ 68.59
  • dogecoinDogecoin (DOGE) $ 0.075809
  • usdsUSDS (USDS) $ 0.999708
  • rainRain (RAIN) $ 0.015302
  • leo-tokenLEO Token (LEO) $ 9.16
  • wrapped-stethWrapped stETH (WSTETH) $ 2,779.67
  • zcashZcash (ZEC) $ 455.49
  • cardanoCardano (ADA) $ 0.190900
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 76,243.00
  • stellarStellar (XLM) $ 0.199476
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.998762
  • whitebitWhiteBIT Coin (WBT) $ 56.59
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 2,466.93
  • moneroMonero (XMR) $ 326.51
  • chainlinkChainlink (LINK) $ 7.90
  • canton-networkCanton (CC) $ 0.140888
  • wrapped-eethWrapped eETH (WEETH) $ 2,465.31
  • labLAB (LAB) $ 15.95
  • bitcoin-cashBitcoin Cash (BCH) $ 240.57
  • the-open-networkGram (prev. Toncoin) (GRAM) $ 1.75
  • susdssUSDS (SUSDS) $ 1.08
  • daiDai (DAI) $ 0.999707
  • usd1-wlfiUSD1 (USD1) $ 0.998937
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 76,366.00
  • ethena-usdeEthena USDe (USDE) $ 0.998573
  • litecoinLitecoin (LTC) $ 44.37
  • hedera-hashgraphHedera (HBAR) $ 0.075339
  • wethWETH (WETH) $ 2,268.37
  • hashnote-usycCircle USYC (USYC) $ 1.13
  • global-dollarGlobal Dollar (USDG) $ 0.999620
  • suiSui (SUI) $ 0.744575
  • usdt0USDT0 (USDT0) $ 0.998824
  • avalanche-2Avalanche (AVAX) $ 6.80
  • paypal-usdPayPal USD (PYUSD) $ 0.999988
  • crypto-com-chainCronos (CRO) $ 0.059657
  • tether-goldTether Gold (XAUT) $ 4,161.58
  • shiba-inuShiba Inu (SHIB) $ 0.000004
  • nearNEAR Protocol (NEAR) $ 1.95
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.22
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.14
  • bittensorBittensor (TAO) $ 212.32
  • uniswapUniswap (UNI) $ 3.19
  • pax-goldPAX Gold (PAXG) $ 4,163.18
  • memecoreMemeCore (M) $ 1.42
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.058187
  • aster-2Aster (ASTER) $ 0.639949
  • okbOKB (OKB) $ 80.07
  • ondo-financeOndo (ONDO) $ 0.325976
  • ripple-usdRipple USD (RLUSD) $ 0.999815
  • little-pepe-5Little Pepe (LILPEPE) $ 2.16
  • htx-daoHTX DAO (HTX) $ 0.000002
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.15
  • polkadotPolkadot (DOT) $ 0.867225
  • mantleMantle (MNT) $ 0.439774
  • worldcoin-wldWorldcoin (WLD) $ 0.411434
  • falcon-financeFalcon USD (USDF) $ 0.995939
  • usddUSDD (USDD) $ 1.00
  • aaveAave (AAVE) $ 88.24
  • bfusdBFUSD (BFUSD) $ 0.998749
  • morphoMorpho (MORPHO) $ 1.99
  • skySky (SKY) $ 0.055248
  • pi-networkPi Network (PI) $ 0.113275
  • internet-computerInternet Computer (ICP) $ 2.21
  • bitget-tokenBitget Token (BGB) $ 1.72
  • pepePepe (PEPE) $ 0.000003
  • dexeDeXe (DEXE) $ 24.17
  • ethereum-classicEthereum Classic (ETC) $ 7.09
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.00
  • united-stablesUnited Stables (U) $ 0.999803
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.21
  • quant-networkQuant (QNT) $ 67.34
  • kucoin-sharesKuCoin (KCS) $ 7.11
  • blockchain-capitalBlockchain Capital (BCAP) $ 106.97
  • jito-staked-solJito Staked SOL (JITOSOL) $ 124.46
  • usdgoUSDGO (USDGO) $ 0.999900
  • janus-henderson-anemoy-treasury-fundJanus Henderson Anemoy Treasury Fund (JTRSY) $ 1.11
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 2,404.69
  • superstate-short-duration-us-government-securities-fund-ustbInvesco Short Duration US Government Securities Fund (USTB) $ 11.13
  • audieraAudiera (BEAT) $ 2.79
  • binance-peg-wethBinance-Peg WETH (WETH) $ 2,262.26
  • kaspaKaspa (KAS) $ 0.031009
  • rocket-pool-ethRocket Pool ETH (RETH) $ 2,631.35
  • stable-2​​Stable (STABLE) $ 0.034730
  • render-tokenRender (RENDER) $ 1.59
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999945
  • algorandAlgorand (ALGO) $ 0.089852
  • cosmosCosmos Hub (ATOM) $ 1.55
  • wbnbWrapped BNB (WBNB) $ 759.61
  • jupiter-exchange-solanaJupiter (JUP) $ 0.238637
  • ignition-fbtcFunction FBTC (FBTC) $ 76,389.00
  • justJUST (JST) $ 0.092849
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.073039
  • nexoNEXO (NEXO) $ 0.771491
  • bianrensheng币安人生 (BinanceLife) (币安人生) $ 0.757230
  • ethenaEthena (ENA) $ 0.077872
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • usdtbUSDtb (USDTB) $ 1.00
  • adi-tokenADI (ADI) $ 5.80
  • gatechain-tokenGate (GT) $ 6.72
  • binance-staked-solBinance Staked SOL (BNSOL) $ 108.24
  • beldexBeldex (BDX) $ 0.088261
  • spiko-amundi-overnight-swap-fund-eurSpiko Amundi Overnight Swap Fund (EUR) (EURSAFO) $ 1.15
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.04
  • filecoinFilecoin (FIL) $ 0.786351
  • pump-funPump.fun (PUMP) $ 0.001526
  • flare-networksFlare (FLR) $ 0.006952
  • new-x-ceo-is-backNEW X CEO IS BACK (XFLOKI) $ 0.506041
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999720
  • ghoGHO (GHO) $ 0.998270
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 76,461.00
  • lighterLighter (LIT) $ 2.27
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 76,491.00
  • xdce-crowd-saleXDC Network (XDC) $ 0.028320
  • midnight-3Midnight (NIGHT) $ 0.033657
  • usual-usdUsual USD (USD0) $ 0.998535
  • clbtcclBTC (CLBTC) $ 76,920.00
  • yldsYLDS (YLDS) $ 0.999707
  • aerodrome-financeAerodrome Finance (AERO) $ 0.565687
  • venice-tokenVenice Token (VVV) $ 11.55
  • aptosAptos (APT) $ 0.619929
  • usxUSX (USX) $ 0.999550
  • arbitrumArbitrum (ARB) $ 0.078500
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 2,419.84
  • true-usdTrueUSD (TUSD) $ 0.998176
  • a7a5A7A5 (A7A5) $ 0.012349
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 33.97
  • hash-2Provenance Blockchain (HASH) $ 0.008674
  • tbtctBTC (TBTC) $ 70,942.00
  • injective-protocolInjective (INJ) $ 4.71
  • dashDash (DASH) $ 35.00
  • euro-coinEURC (EURC) $ 1.14
  • pancakeswap-tokenPancakeSwap (CAKE) $ 1.37
  • bonkBonk (BONK) $ 0.000005
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.006567
  • ousgOndo Short-Term U.S. Government Bond Fund (OUSG) $ 115.76
  • c8ntinuumc8ntinuum (CTM) $ 0.087592
  • vechainVeChain (VET) $ 0.004731
  • mantle-staked-etherMantle Staked Ether (METH) $ 2,455.82
  • official-trumpOfficial Trump (TRUMP) $ 1.70
  • hastra-primeHastra PRIME (PRIME) $ 1.05
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999983
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.176635
  • ether-fiEther.fi (ETHFI) $ 0.418862
  • resolv-wstusrResolv wstUSR (WSTUSR) $ 1.13
  • cocaCOCA (COCA) $ 1.30
  • celestiaCelestia (TIA) $ 0.398021
  • spx6900SPX6900 (SPX) $ 0.398683
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.562895
  • doge-strategyDoge Strategy (DOGESTR) $ 0.288297
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 2,406.26
  • jito-governance-tokenJito (JTO) $ 0.728851
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 76,200.00
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.997364
  • terra-lunaTerra Luna Classic (LUNC) $ 0.000062
  • grassGrass (GRASS) $ 0.537772
  • the9bitThe9bit (9BIT) $ 0.042627
  • sun-tokenSun Token (SUN) $ 0.017202
  • wrapped-flareWrapped Flare (WFLR) $ 0.009961
  • apxusdapxUSD (APXUSD) $ 0.877896
  • sei-networkSei (SEI) $ 0.048544
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 2,266.86
  • kinesis-goldKinesis Gold (KAU) $ 135.13
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.12
  • curve-dao-tokenCurve DAO (CRV) $ 0.209804
  • blockstackStacks (STX) $ 0.170001
  • pyth-networkPyth Network (PYTH) $ 0.039126
  • kite-2Kite (KITE) $ 0.121853
  • ethgas-2ETHGas (GWEI) $ 0.137895
  • binance-peg-xrpBinance-Peg XRP (XRP) $ 1.59
  • bitcoin-svBitcoin SV (BSV) $ 14.34
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 2,443.47
  • gnosisGnosis (GNO) $ 105.03
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 2,421.84
  • plasmaPlasma (XPL) $ 0.105758
  • tezosTezos (XTZ) $ 0.248185
  • noonNoon (NOON) $ 0.751949
  • royal-dollarRoyal Dollar (RUSD) $ 0.998700
  • sbtc-2sBTC (SBTC) $ 77,039.00
  • apenftAINFT (NFT) $ 0.00000027
  • bittorrentBitTorrent (BTT) $ 0.00000027
  • ultimaUltima (ULTIMA) $ 3,051.40
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 115.56
  • olympusOlympus (OHM) $ 17.03
  • savings-usddSavings USDD (SUSDD) $ 1.03
  • pendlePendle (PENDLE) $ 1.45
  • doublezeroDoubleZero (2Z) $ 0.070890
  • monadMonad (MON) $ 0.020397
  • msolMarinade Staked SOL (MSOL) $ 133.18
  • fraxLegacy Frax Dollar (FRAX) $ 0.989881

How ethical hackers with just a $3,000 server found a flaw that could’ve put $70 billion in crypto at risk

0 0


A $3,000 server was enough for a blockchain security researcher to simulate an attack path they say could have put as much as $70 billion in crypto infrastructure at risk.

At the center of the disclosure was a flaw in Aptos, a layer-1 blockchain built on Move, the smart contract language used by Aptos and Sui, that stems from Facebook’s shelved Diem project.

In late February, researchers at the blockchain security firm Hexens reported a critical vulnerability in the Aptos Move virtual machine, the execution environment that processes smart contracts on the chain, to the project’s development team. Hexens identified what it described as a “stale-cache bug” leading to a type-confusion vulnerability, a condition in which software can be tricked into treating one type of onchain resource as another.The

Aptos team did patch the vulnerability when it was flagged, and no funds were lost.

“Aptos Labs was notified of a potential issue through our bug bounty program on February 25 that was already being triaged internally at the time,” an Aptos spokesperson told CoinDesk. “A fix was developed, tested, and deployed to mainnet within hours of discovery. No users or funds were impacted at any point.”

The Aptos spokesperson also disputed the practical exploitability of the bug to CoinDesk. “Our analysis determined the bug would have extremely low exploitability in real world conditions.”

However, the details of what researchers found offer a sobering look at how close the ecosystem came to a potentially industry-altering event.

The sensitivity of this class of bug comes down to how the Move language handles authority. Protocol permissions in Move, including the right to mint a stablecoin, control a bridge, or administer a lending market, are often stored directly as onchain resources. If those resources are compromised, the damage does not stop at one protocol. It extends to everything that trusts them.

Hexens’ researchers offered a practical analogy to the bug: it is roughly comparable to a bug on an Ethereum-style chain that would allow attacker-controlled code to write into storage belonging to other contracts, bypassing the type-system guarantees that Move was specifically designed to uphold.

Mudit Gupta, CTO at Polygon, independently reviewed the proof-of-concept materials and said the exploit held up. “It ran as claimed, and the exploit made sense,” he told CoinDesk. “It required a few conditions to be met, which it seems like they did on the mainnet.”

The vendor was notified hours after the warroom opened, and four major downstream projects were alerted that afternoon, each receiving local-runnable proof-of-concept material and analysis of relevant authority patterns.

A public pull request reflecting the patch became available on February 27. Aptos stated that a private-validator patch had been deployed before the public commit.

Hexens, meanwhile, says it has not received a technical rebuttal or evidence-based argument disputing the demonstrated impact classes. The firm claims that the main concern relayed back to the researchers involved the probabilistic aspects of the exploit, precisely what the team’s calibration work was designed to address.

While no funds were stolen, the simulation showed that in a blockchain-level compromise, rate limits, issuer freezes, bridge controls, exchange monitoring and validator patches are not secondary safeguards. They can become the boundary between a contained bug and a market-wide exploit.

HackExclusive

Latest Crypto News
  1. 1

    Tokenization’s next use case is personalized portfolios, NYLIM executive says

    il y a 31 minutes
  2. 2

    Bitcoin jumps above $63,000, reversing end-June losses

    il y a 2 heures
  3. 3

    Bitcoin experts split over plan to freeze Satoshi’s 1.1 million bitcoin as quantum threat grows

    il y a 2 heures
  4. 4

    Why bitcoin’s disconnect from record-high stocks won’t last

    il y a 4 heures
  5. 5

    Trump’s crypto token buyers are down $3.8 billion, blockchain data shows

    il y a 5 heures
  6. 6

    Europe led on crypto regulation. Now implementation must match ambition

    il y a 6 heures
  7. 7

    EU moves to block retail investors from explosive boom of multibillion-dollar prediction markets

    il y a 6 heures
  8. 8

    UK’s bold new crypto rules promise to unlock global trading, but huge compliance hurdles still threaten the rollout

    il y a 8 heures
  9. 9

    XRP climbs 8% as record holder losses signal better risk-reward for buyers

    il y a 13 heures
  10. 10

    Bitcoin’s next parabolic run may need $1 trillion in fresh capital

    il y a 13 heures

Latest Research

Building the Zcash Machine: Tachyon and Quantum Readiness

Building the Zcash Machine: Tachyon and Quantum Readiness

Zcash’s Tachyon upgrade aims to scale shielded payments, improve quantum readiness, and test whether its funding, security, and governance can hold.

By CoinDesk Research
Jun 30, 2026
Commissioned byGenZcash

Zcash’s Tachyon upgrade aims to scale shielded payments, improve quantum readiness, and test whether its funding, security, and governance can hold.

Why it matters:

Zcash’s Tachyon upgrade aims to scale shielded payments, improve quantum readiness, and test whether its funding, security, and governance can hold.

View Full Report
More From Tech

Live updates: Bitcoin rises above $62,000 as the red hot semiconductor trade starts to fade

Live updates: Bitcoin holds above $61,000 as momentum stocks plunge to start quarter

Ethereum Institutional launch draws support from across the Ethereum ecosystem



Source link

Leave A Reply

Your email address will not be published.