5+ min ago  (21+ words) Perplexity open-sourced Bumblebee, a read-only scanner that inspects developer machines for tainted packages, browser extensions and AI connector configs....

1+ hour ago  (21+ words) A Squid Router Module flaw let attackers impersonate delegates and swap tokens, draining about $3. 2 M from 86 Safe wallets on Ethereum and Base....

3+ hour ago  (26+ words) Cyannova Capital opened its inaugural fund in Hong Kong and signed a strategic deal with Butong Group to back AI, renewables, robotics and space-economy firms....

10+ hour, 5+ min ago  (26+ words) Socket found Trap Door in npm, Py PI and Crates, 34 packages, 384 versions, targeting crypto and AI devs to steal keys, tokens and hijack AI coding assistants....

1+ day, 11+ hour ago  (26+ words) A compromised 1-of-3 minting key let an attacker mint 8. 35 M USDR and 4. 5 M EURR, extracting about $2. 8 M and pushing both stablecoins off their pegs....

2+ day, 20+ hour ago  (24+ words) Kash Patel-linked apparel site pulled after mac OS users were prompted to install 'Click Fix' - an infostealer that can grab browser tokens and crypto wallets....

3+ day, 2+ min ago  (23+ words) A House subcommittee urged modernizing the Bank Secrecy Act to counter AI-enabled scams, speed crypto laundering detection and expand machine-learning monitoring....

3+ day, 6+ hour ago  (24+ words) Compromised six-year-old private key let attacker drain about $600 K in POL on Polygon. Polymarket says contracts and user funds are safe; investigating....

4+ day, 2+ hour ago  (23+ words) North Korea-linked actors and AI reconnaissance stole $1 B+ from De Fi Jan-May 2026; April losses topped $600 M, including Kelp DAO and Drift breaches....

4+ day, 18+ hour ago  (125+ words) Shai-Hulud malware hit about 320 npm and Py PI packages, infected two Open AI employee devices and gained access to limited internal code repositories....