Security Incidents

LiteLLM has been targeted by a supply chain attack, resulting in the leak of hundreds of gigabytes of data and 500,000 credentials, affecting over 20,000 code repositories. Hackers exploited vulnerabilities in Trivy to successfully implant malicious code and steal sensitive information. It is necessary to strengthen supply chain security and access control measures to prevent similar attacks.

Gate News Report, on March 28, on-chain detective ZachXBT tweeted that Circle had unfrozen ckUSDC (Dfinity bridge) and two other hot wallets with addresses starting with 0x00e a few hours ago. As of now, 5 out of the 16 hot wallets previously mentioned have been unfrozen. ZachXBT stated that once the New York civil case is unsealed, he will publicly name the plaintiffs, experts, and all other relevant parties in the case.

U.S. Senator Warren sent a letter to the Department of Commerce requesting an investigation into Bitmain's national security risks and its connections to the Trump family, as well as the disclosure of related communication records. The FBI is investigating the potential risks associated with the company's mining equipment. Bitmain responded to the allegations, stating they are unfounded, and that relevant safety tests did not reveal any issues.

The Central Bureau of Investigation in India has arrested a suspect named Sunil Nellathu Ramakrishnan, accusing him of serving as a coordinator in a trafficking network related to Southeast Asian online scams. This network lured Indian citizens to Myanmar to participate in scam activities, and the CBI has collected relevant digital evidence, with the investigation still ongoing.

Circle has unfrozen two hot wallets linked to 500 Casino and a crypto whale after a compliance freeze blocked user withdrawals at a centralized exchange. The lack of transparency regarding the initial freeze raises concerns about centralized control over assets.

Key Takeaways: Resolv burned and put about 46 million USR (57%) of illegal supply to its blacklist There is no hacker-related wallet which can transfer or swap USR One of the measures is to upgrade contracts with coordination efforts to restrict impacts of the exploitation After the recent

The crypto space is once again debating control and transparency after blockchain investigator ZachXBT revealed a fresh update involving Circle. The company has now unfrozen two USDC wallets tied to 500 Casino and a user known as “Whale.” Together, the wallets held more than $330,000. This move

The UK High Court recently heard a case involving the theft of Bitcoin, where the plaintiff Ping Fai Yuen accused his estranged wife Fun Yung Li of secretly filming him to steal Bitcoin from his hardware wallet, worth approximately $176 million. Audio recordings and search warrant evidence support the plaintiff's claims, and the court upheld the asset freeze order, but dismissed part of the claims. The judge believes the plaintiff has a very high chance of winning and recommends that the case be heard as soon as possible.

The recently launched "Food Saver Hunter" app has raised concerns due to security issues, with user GPS data leaking and questionable API authorization. Additionally, Amazon has encountered system failures and financial losses, highlighting the risks of over-reliance on AI for programming. Experts are calling for stronger human oversight to ensure safety and accuracy.

Rumors surrounding the "secret XRP contract" spread rapidly in 2026, with Ripple's Chief Technology Officer David Schwartz publicly denying it, emphasizing that no pre-allocation agreement had ever been confirmed. This incident originated from misleading posts on social media, drawing market attention and highlighting issues in the dissemination of cryptocurrency information, reminding investors to verify sources when confronted with sensitive news.

Vietnamese police have cracked a massive cryptocurrency fraud case, arresting businessman Eric Vuong and six accomplices, with the amount involved reaching several billion dollars. The gang sold counterfeit coins to users through the fake platform ONUS, and police have summoned over 140 people for investigation.

GoPlus issued an alert, stating that the Anthropic Claude Chrome extension has a critical Prompt Injection vulnerability, affecting more than 3 million users. Attackers can steal Google Drive files and Gmail access permissions without any user action. The vulnerability has been fixed. Users need to check the extension version and ensure it is updated to 1.0.41 or higher to ensure security.

GoPlus Security Agency warns that the Anthropic Claude Chrome extension has a high-risk prompt injection vulnerability, affecting versions below 1.0.41. Attackers can exploit this vulnerability to hijack user sessions and steal data. Users should update the extension immediately and remain vigilant.

On March 27, GoPlus cited a Koi report stating that Anthropic's Claude Chrome extension has a critical prompt injection vulnerability, affecting all versions below 1.0.41. Users are advised to update to version 1.0.41 or higher immediately and to be cautious of phishing links. Attackers could exploit this to hijack the extension and carry out data theft.

Gate News reports that on March 27, according to BlockSec monitoring, a suspicious transaction targeting an unknown contract (Stake) occurred on the BSC chain, resulting in a loss of approximately $133,000. The root cause was an exploitable dependence on spot prices in the Stake contract.

An Israeli reservist was charged with leaking Iron Dome system secrets related to Iran and assisting the enemy during wartime, facing life imprisonment or the death penalty. Investigations revealed that this individual received cryptocurrency via Telegram and provided sensitive information. Similar incidents have occurred in Taiwan, where the Chinese Communist Party has used cryptocurrencies to infiltrate the military, posing challenges to national security. Countries need to strengthen the protection of military secrets.

On-chain detective ZachXBT revealed that Circle has unfrozen two frozen hot wallets, "500 Casino" and "Whale," which users were previously unable to withdraw from. The details of the case are still unclear, and Circle has not objected to the information.

_Moonwell faces $1M risk after attacker buys cheap tokens and submits malicious vote proposal to gain control of DeFi lending protocol contracts._ A decentralized finance platform called Moonwell is facing a serious security threat after a very cheap attack. The incident was a surprise to the

Resolv Labs strongly advises against trading or acquiring USR, as illegally minted USR has been mixed with legitimate USR, posing trading risks. An recovery plan for affected holders is currently under evaluation, but the effectiveness of any remedial measures cannot be guaranteed. Continuing to trade may complicate the asset recovery process.

Gate News reports that on March 26, Co-founder Yu Xian of SlowMist stated that a certain CEX has taken down the page that required users to input their plaintext seed phrases. He pointed out that the security model for online web pages is very weak, much lower than that of extensions and apps; collecting plaintext seed phrases through online web pages is easy for phishing sites to imitate and has long been a common phishing tactic.