Chinese APT group has exploited multiple cloud tools, including Microsoft Outlook, Slack, Discord, and file.io, to conduct online espionage targeting Mongolia. The threat actor used these platforms for command and control, highlighting vulnerabilities in cloud-based communication tools. The attack underscores ongoing security risks associated with cloud service abuse by state-sponsored cyber espionage groups.
The US military is operating a Bitcoin node as part of cyber defense tests, according to Admiral Samuel Paparo. The initiative aims to explore Bitcoin's strategic utility for national security. This development underscores the military's interest in blockchain technology for cybersecurity purposes, though specific dates or amounts were not disclosed.
JPMorgan warns that ongoing security flaws are hindering DeFi's growth, citing a recent exploit that erased around $20 billion in total value locked. The attack involved minting $292 million in unbacked rsETH and creating nearly $200 million in bad debt. Hack losses this year are comparable to 2025 levels, raising concerns about DeFi's institutional appeal.
JPMorgan reports that ongoing DeFi exploits and stagnant total value locked (TVL) are reducing institutional interest. The bank notes that persistent hacks are driving investors to Tether's USDT, especially during periods of stress, as users withdraw funds from DeFi platforms. This trend highlights security concerns impacting DeFi's growth and institutional adoption.
Lido’s $3 million first-loss buffer was tested after a security breach at Kelp, a liquid restaking protocol, on April 23, 2026. The incident impacted Lido’s EarnETH vault, prompting the platform to pause deposits and withdrawals. Lido is addressing issues related to exposure to a compromised asset and a liquidity squeeze, highlighting ongoing security risks in DeFi.
Meta faces a class-action lawsuit for allegedly generating $16 billion from scam ads, exposing major security and regulatory issues. The lawsuit, filed by the Consumer Federation of America, seeks damages and aims to hold Meta accountable for failing to protect users from fraudulent advertising, raising concerns over platform security and user safety.
JPMorgan highlights ongoing security issues in DeFi, citing a $20 billion loss from the KelpDAO exploit as evidence of systemic risks. Despite stablecoin growth, Ethereum-denominated activity remains flat, underscoring persistent vulnerabilities. These security flaws continue to hinder DeFi’s appeal to institutional investors, emphasizing the need for improved safeguards in the sector.
