vulnerabilities

According to The Information, Anthropic and OpenAI have both experienced security incidents, raising market concerns about the safety of AI models themselves.Currently, Anthropic is investigating potential unauthorized access to its Claude Mythos model by users. Almost simultaneously, OpenAI was also reported to have accidentally exposed several unreleased models in its Codex application. Industry opinions indicate that these vulnerability incidents have intensified scrutiny on the security governance capabilities of AI companies and reflect that the security systems of current AI technology still need improvement as it rapidly develops. Analysts believe that even AI model providers that focus on cybersecurity capabilities face significant security challenges themselves. As AI is gradually used to defend against cyberattacks, issues related to platform security and access control have also become critical risk points.

According to The Block, JPMorgan analysts stated that the frequent security incidents in DeFi and the stagnation of total locked value (TVL) in ETH terms continue to limit institutional interest in DeFi. The report mentioned that a recent cross-chain bridge attack related to Kelp DAO led to a loss of approximately $20 billion in DeFi TVL within a few days. The attackers minted about $292 million in unsecured rsETH and borrowed real ETH on Aave using it as collateral, resulting in approximately $230 million in bad debt. JPMorgan also pointed out that after security incidents, users tend to turn to Tether's USDT for safety.

According to Decrypt, Mozilla recently revealed that Anthropic's latest AI model, Claude Mythos, identified 271 security vulnerabilities during internal testing of the Firefox browser, and the related vulnerabilities have been fixed this week.In comparison, a previous version of the Anthropic model only found 22 security-sensitive vulnerabilities. Mozilla stated that all discovered vulnerabilities were within the scope of top human researchers' findings. Claude Mythos was officially released in March 2026 and is Anthropic's most powerful model in the fields of reasoning, coding, and cybersecurity, currently available for use by vetted partners such as Amazon, Apple, and Microsoft through the "Project Glasswing" initiative.

The security agency Innora released a report stating that the financial protocol Saturn on Ethereum has two serious vulnerabilities. These include:Withdrawal freeze vulnerability: Under normal business operations, all user funds could be locked, with a minimum of 30 days and, in extreme cases, indefinitely frozen. No hacker is needed; the protocol can trigger this itself.Privileged addresses in the protocol can legally intercept up to 33.33% of the funds per operation. According to current data, a single operation can intercept up to approximately $157,000, with a theoretical total risk of up to $4.26 million.Innora stated that over 90% of Saturn's assets are managed by privileged addresses, and users are completely reliant on trust. As of the report's release, this vulnerability has not yet been fixed.

According to CoinDesk, researchers from the University of California, Santa Barbara, the University of California, San Diego, blockchain security company Fuzzland, and World Liberty Financial have jointly published a paper warning that "LLM routers"—intermediary services located between users and AI models—have become a significant security risk for crypto assets.The researchers found that 26 LLM routers are secretly injecting malicious tool calls and stealing user credentials, with one incident leading to the emptying of a customer's crypto wallet worth $500,000.Additionally, the researchers were able to control about 400 downstream hosts within hours by "polluting" the router ecosystem. Since sensitive data such as private keys and API credentials are often transmitted in plaintext through these routers, users are effectively exposing their assets to risk without their knowledge.The researchers pointed out that as McKinsey predicts AI agents will mediate $30 trillion to $50 trillion in global consumer spending by 2030, Binance founder Changpeng Zhao also predicts that the payment volume of AI agents will be a million times that of humans. The current infrastructure security is severely lagging behind the pace of industry development, and the risk of the "weakest link" could trigger a systemic chain crisis.

According to market news, researchers from the University of California recently disclosed that some third-party AI large language model (LLM) routers have security risks that could lead to the theft of cryptocurrency assets. The research shows that LLM routers, acting as API intermediaries, can read plaintext information, and some routers have been found to inject malicious code and steal credentials.The team tested 28 paid and 400 free routers, finding that 9 routers actively injected malicious code, 2 deployed evasion triggers, and 17 accessed Amazon Web Services credentials. Some routers even transferred ETH using the researchers' Ethereum private keys.The study pointed out that the malicious behavior of the routers is difficult to detect, and some AI agent frameworks' "YOLO mode" can automatically execute commands, increasing security risks. The research recommends that developers should not allow private keys or mnemonic phrases to be transmitted through AI agents and calls on AI companies to encrypt signatures in responses to enhance security.

The 360 vulnerability mining agent recently discovered and reported 1 high-risk and 2 medium-risk high-value vulnerabilities related to OpenClaw, totaling 3 vulnerabilities. Currently, all newly discovered vulnerabilities have been officially patched and publicly disclosed.It is understood that the three newly discovered vulnerabilities directly target the core operating mechanism of AI agents, directly affecting the core security of user devices, data, and accounts.

According to PR Newswire, BTQ Technologies has released a research paper titled "Kardashev Scale Quantum Computing for Bitcoin Mining," which quantifies the physical costs of the entire process of using quantum computing for Bitcoin mining for the first time. The related research points out that the market has long confused two types of quantum threats: one is the attack on Bitcoin's elliptic curve digital signatures (real and urgent), and the other is quantum mining accelerated by Grover's algorithm (theoretically possible but with extremely high practical costs).The BTQ paper argues that to have a substantial impact on consensus, a quantum computing cluster with energy consumption far exceeding the current level of human civilization needs to be built. The study also proposes an open-source resource estimation model, covering key aspects such as reversible double SHA-256 computation, fault-tolerant quantum error correction, and large-scale quantum bit scheduling. The conclusion emphasizes that the more realistic risk facing Bitcoin comes from vulnerabilities in cryptographic signatures, rather than quantum mining capabilities.

The Cybersecurity Threat and Vulnerability Information Sharing Platform (NVDB) of the Ministry of Industry and Information Technology of China has monitored and found that attackers are using exploit tools targeting Apple Inc.'s terminal products to carry out cyber attack activities, which can lead to serious harms such as information theft and system control. The affected range includes Apple terminal products such as iPhone and iPad running iOS 13 to 17.2.1.Attackers induce users to use the Safari browser to visit web pages containing malicious code through methods such as SMS, email, or web poisoning, comprehensively utilizing security vulnerabilities present in the terminal devices to implant remote control Trojans into the victim's terminal products, stealing sensitive user information, gaining maximum privileges, and taking control.It is recommended that users of Apple terminal products conduct risk assessments, and promptly fix vulnerabilities through version upgrades and patch installations (refer to the Apple Security Updates). Pay attention to system update notifications and the latest security update announcements released by Apple, upgrade to the latest secure version in a timely manner, strengthen security awareness, avoid clicking on unknown links, and prevent the risk of cyber attacks.

Lily Liu, the chair of the Solana Foundation, stated, "The Drift incident has far-reaching effects, impacting the entire ecosystem. The Drift team is working around the clock to investigate and control the situation, and we are doing our best to provide support. The smart contract itself has withstood the test.The real target of the attack is 'people'—more related to social engineering and operational security vulnerabilities rather than exploits at the code level. Solana has repeatedly emerged from difficulties, continuously moving forward through faster iterations, better construction, mutual support, and enhanced security. Please remain vigilant, check your security settings, and continue building. We will continue to update as new developments arise."

According to Jinshi News, Warren Buffett warned that as the connections between the banking system and non-bank institutions become increasingly tight, he has begun to see signs of vulnerability in the financial system.He stated that the stability of the financial system should be the Federal Reserve's top priority and pointed out that banks like JPMorgan Chase are key hubs for the economy, handling trillions of dollars in funds every day. "They influence each other, and if one has a problem, it could transmit to other institutions," Buffett said during an interview with CNBC on Tuesday.After a series of recent explosions in the credit market raised concerns about the balance sheet risks of banks and private credit funds, investor sentiment has been impacted. Buffett indicated that once market panic spreads, many investors may quickly withdraw.

DeFi research and risk management company Gauntlet updated on the X platform regarding the progress of the Resolv vulnerability handling. Currently, the USDC Frontier (v1) on the Base network has been removed from all Resolv markets, with no bad debt risk.The v1 and v2 vaults have now reopened for deposits, and Morpho will remove the interface warning tomorrow. The mainnet USDC Frontier (v2) vault restart operation is underway. Based on the existing time lock arrangements, the submission limit for the v1 market adapter is 3 days, and the removal of the v1 Vault adapter is 5 days. Gauntlet stated that further details on the remaining vaults will be provided based on subsequent updates from Resolv.

DeFi research and risk management company Gauntlet posted an update on the X platform regarding the progress of the Resolv vulnerability handling. The USDC Frontier (v1) on the Base network has been removed from all Resolv markets, with no bad debt risk.The v1 and v2 vaults are now reopened for deposits, and Morpho will remove the interface warning tomorrow. The restart operation for the mainnet USDC Frontier (v2) vault is underway. Based on the existing time lock arrangements, the submission limit for the v1 market adapter is 3 days, and the removal of the v1 Vault adapter is 5 days. Gauntlet stated that further details about the remaining vaults will be provided based on subsequent fixes from Resolv.

HyperEVM's native non-custodial lending protocol HypurrFi stated on platform X that there is a "rounding error" vulnerability in versions prior to Aave V3 3.5. Under specific conditions, an attacker could extract underlying tokens by repeatedly executing supply/extract and borrow/repay loop operations.The affected markets are XAUT0 and UBTC in HypurrFi Pooled. Currently, user funds are not at risk. To ensure safety, related markets have suspended new supply and lending operations, while withdrawal and repayment functions remain operational, and other markets are running normally. HypurrFi added that it quickly identified the issue on-chain through its internal monitoring system and promptly froze the affected markets. They are also collaborating with other Aave deployers and security researchers to address the issue and have invited other Aave fork projects to reach out for more security information.

Ethereum co-founder Vitalik Buterin released the "Quantum Roadmap" this Thursday, proposing several improvement plans to address blockchain quantum security vulnerabilities, including hash signatures, recursive STARKs, native account abstraction, and protocol-level signature aggregation. The core goal is to replace the currently vulnerable ECDSA encryption architecture.Among these, the "frame transactions" proposal has been included in the discussion agenda for the Ethereum upgrade version Hegota, expected to be launched in the second half of 2026, with hopes of implementation within this year. Vitalik warned last November that quantum computers could break Ethereum's existing security model by 2028.The Ethereum Foundation has established a special post-quantum team, set up a $1 million bounty, and initiated bi-weekly technical seminars. Researcher Justin Drake emphasized that in a highly decentralized ecosystem, formulating a binding "official roadmap" is actually not feasible.

According to Jinshi, Fed's Daly stated that it is necessary to ensure that the vulnerabilities in the labor market do not evolve into substantial weakness.

Jamieson O'Reilly, who is introduced as a "hacker" on X, posted that he has attempted to contact Moltbook in the past few hours, as the platform has publicly exposed its complete database without any protective measures. The leaked information includes secret API keys, allowing anyone to post content on behalf of any agent.Jamieson O'Reilly pointed out that the affected parties include Karpathy, a well-known figure in the AI field with 1.9 million followers on the X platform, as well as all agents currently visible on the platform. At present, anyone could exploit this vulnerability to post false AI safety statements, promote cryptocurrency scams, or incite political statements in the name of others. Jamieson O'Reilly is calling for relevant individuals to assist in contacting the founder to resolve this exposure issue.

According to The Hacker News, Cyata researchers have disclosed three critical security vulnerabilities (CVE-2025-68143/44/45) in the mcp-server-git maintained by Anthropic, which can be exploited for path traversal and parameter injection, potentially leading to remote code execution.These vulnerabilities can be weaponized through prompt injection, allowing attackers to trigger the attack simply by controlling the AI assistant to read malicious content. The vulnerabilities have been patched in the versions released in September and December 2025, and the official has removed the git_init tool and enhanced path validation, recommending users to update to the latest version as soon as possible.

Three security vulnerabilities have been discovered in the official mcp-server-git maintained by Anthropic. These vulnerabilities can be exploited through prompt injection attacks, allowing attackers to trigger the vulnerabilities via malicious README files or compromised web pages without direct access to the victim's system. The vulnerabilities include: CVE-2025-68143 (unrestricted git_init), CVE-2025-68145 (path validation bypass), and CVE-2025-68144 (parameter injection in git_diff).When these vulnerabilities are combined with the file system MCP server, attackers can execute arbitrary code, delete system files, or read arbitrary file contents into the large language model context. Cyata points out that since mcp-server-git does not perform path validation on the repo_path parameter, attackers can create Git repositories in any directory on the system. Additionally, by configuring a cleanup filter in .git/config, attackers can run shell commands without execution permissions. Anthropic assigned CVE identifiers and submitted a patch on December 17, 2025. Users are advised to update mcp-server-git to version 2025.12.18 or higher.

Genius announced on the X platform that, in response to community feedback regarding platform trading issues, several vulnerabilities have been fixed, including:Significant reduction in Gas fees: Fixed the issue of overestimation of Gas limits on-chain due to EIP-1559 and the problem of maxPriorityFeePerGas being set too high;Optimized BNB cross-chain exchange: Added a small Gas buffer to prevent transaction failures due to insufficient Gas, while not significantly increasing Gas fees;Fixed the cross-chain transaction fee sponsorship issue using EIP-7702: Updated the process to correctly execute cross-chain transactions sponsored by third parties (no longer experiencing issues from the old version).