A China-linked APT group called GopherWhisper infected 12 Mongolian government systems with Go-based backdoors, according to ESET. The group uses tools written in Go, including injectors and loaders, to deploy malware. The attack highlights ongoing cybersecurity threats targeting government institutions, with no specific date provided but recent reports indicating activity.
The U.S. military is running a Bitcoin node to explore its potential for national security applications, Adm. Paparo told Congress. This move indicates increased interest in blockchain technology for defense and security purposes, highlighting Bitcoin's growing role beyond finance. The test aims to assess how Bitcoin's protocol can support secure, decentralized communication and data verification in government operations.
Iran is increasingly relying on foreign militias to bolster internal security amid fears of renewed protests. This shift underscores ongoing internal stability challenges, although the likelihood of regime change remains low. The move reflects Iran’s efforts to manage domestic unrest, with security concerns taking precedence over market stability as tensions persist since recent protests.
CertiK researcher Natalie Newson warns that 2026 hacks may increasingly involve deepfakes and phishing. Recent breaches in April, including DRIFT with $280 million and Kelp DAO with $293 million, caused a combined loss of $600 million. These incidents highlight evolving security threats in the Web3 space, emphasizing the need for enhanced protection measures.
The KelpDAO hacker laundered $175 million worth of ETH into BTC via THORChain, complicating recovery efforts. The breach, which triggered $800 million in laundering volume, led to Arbitrum freezing part of the stolen ETH. The attacker quickly exited the cross-chain swaps, making the stolen funds harder to trace and increasing DeFi security concerns.
Andre Cronje’s DeFi project, Flying Tulip, has introduced a withdrawal circuit breaker to enhance security amid rising exploits. The safeguard is designed to fail open, allowing users to monitor system status in real time via a dedicated page. This move aims to protect user funds as DeFi exploits continue to pose security challenges in the space.
The UK’s National Cyber Security Centre (NCSC-UK) and international partners warned that Chinese hackers are increasingly using large-scale proxy networks of hijacked consumer devices to evade detection. This tactic allows them to disguise malicious activities, complicating efforts to track and prevent cyberattacks. The warning highlights ongoing concerns about state-sponsored cyber threats and the need for enhanced cybersecurity measures.
