26 malicious LLM routers stole credentials. DeFi has no defense for this.

26 malicious LLM routers stole credentials. DeFi has no defense for this.

An AI agent with access to a live crypto wallet had its memory wiped in a crash, misread a random post on X as a transfer request, and autonomously sent a stranger up to four hundred fifty thousand dollars on-chain with zero human approval. Over one hundred thirty-seven million dollars has been drained from at least fifteen DeFi platforms since January through AI agent exploits, not smart contract bugs—attackers are poisoning the routers, plugins, and memory files that sit between the AI and the blockchain, and no major protocol has disclosed how they're securing that layer. The guy who co-founded OpenZeppelin, the firm that audited Aave and Uniswap, just told friends and family to exit all of DeFi because defenders have to protect every line of code while attackers only need one hole.

Eight Ethereum Foundation exits in four months, no successor named for All Core Devs

Eight people just left the Ethereum Foundation in four months — two executive directors, three protocol cluster leads, and two core researchers — and nobody's clearly taking over the All Core Devs calls that Tim Beiko ran for years. Julian Ma, the researcher behind FOCIL and Fast Confirmation Rule, both headliners for the next upgrade, is also gone with no public plan for who owns that work now. The foundation keeps saying the roadmap is fine, but what's actually being tested is whether Ethereum's coordination layer was ever really institutional or just a few specific people holding it together this whole time.

Winklevoss bought $100M of his own stock at 14 dollars. It's trading at 6.

The Winklevoss twins just invested $100 million in their own public company at $14 a share when the stock was trading at $4.92, paid entirely in bitcoin instead of cash, then quietly rewrote the rules to make it easier to sell those shares back later. Gemini lost $109 million last quarter while spending $144 million to make $50 million in revenue, but the stock still jumped 15% after hours because everyone called it a vote of confidence. Meanwhile nobody's talking about how the same-day registration rights amendment lowered the threshold for the founders to eventually dump those shares into the public market, or how Gemini's balance sheet now holds volatile bitcoin instead of the cash it's been burning through.

Justin Sun Sues After Four Billion Tokens Frozen

Justin Sun invested forty-five million dollars in Trump's crypto company World Liberty Financial, and they just froze all four billion of his tokens—worth potentially up to a billion dollars—after he wouldn't dump another two hundred million into their failing stablecoin. The company literally marketed itself saying "no one's ever going to tell you that your account is shut down" and then secretly upgraded their smart contract to give themselves blacklisting power. Now Sun's suing for fraud because executives allegedly treated his polite deflections at parties as binding commitments and threatened to report him to US authorities over unspecified issues they refuse to detail.

North Korea Lazarus Group Drained 292M From DeFi

North Korea's Lazarus Group just walked away with 292 million dollars in crypto by poisoning the infrastructure behind a bridge so badly configured it had one single security verifier—despite repeated warnings to add more. They didn't hack the code, they cut the phone lines and forced the system to use compromised backup nodes, then minted tokens out of thin air and used them as collateral across nine major DeFi protocols before anyone could blink. Aave is staring down 177 million in bad debt, their insurance vault got completely wiped out, and this exact vulnerability exists right now on other protocols that haven't disclosed it yet.