SlowMist security firm warns of MacSync, a new macOS malware targeting crypto wallets. The malware aims to steal wallet credentials and exfiltrate sensitive data, posing a significant threat to Mac users holding cryptocurrencies. Users are advised to update security software and avoid suspicious links to protect assets from this destructive campaign.
Microsoft is integrating Anthropic’s Claude Mythos into its Security Development Lifecycle (SDL) to enhance vulnerability detection. Announced on April 7, Mythos has already identified thousands of major security flaws in operating systems and web browsers. This rollout is part of Anthropic’s Project Glasswing, which also involves Amazon and Apple, aiming to strengthen cybersecurity across major tech companies.
The Lazarus Group has intensified its Mach-O Man malware campaign targeting crypto and fintech executives, according to CertiK. Researchers linked over $500 million in recent exploits to Lazarus activity. The group used the ClickFix method to deceive victims into executing malicious commands on macOS systems, highlighting a significant security threat in the crypto sector.
Kelp DAO was exploited for approximately $292 million, marking one of the largest security breaches in Web3. The attack highlights ongoing vulnerabilities in decentralized protocols. The incident coincides with increased concerns over North Korean hacking activities targeting crypto, Aave contagion risks, and Coinbase's exploration of quantum computing, emphasizing the need for enhanced security measures across the industry.
The $292 million Kelp DAO exploit highlights ongoing security risks in crypto bridges, which remain one of the industry's weakest points. The exploit underscores structural vulnerabilities in bridge systems that rely on complex infrastructure and hidden trust assumptions. Experts warn that as long as these issues persist, bridges will continue to be prime targets for attacks, posing significant security challenges for the crypto industry.
RedotPay has integrated SUI and USDC into its platform, enabling over 7 million users to send, receive, and spend these assets in real-world transactions. Launched in April 2026, this move connects crypto balances to traditional payment systems, allowing transactions in over 100 countries and 130 million merchants. The integration leverages Sui’s speed and USDC’s stability for practical everyday spending.
The Sui DeFi protocol Volo was exploited, resulting in user losses. The Volo team announced they will absorb the losses to protect users. The incident highlights ongoing security challenges in the DeFi space, with no specific amount disclosed. The exploit underscores the importance of security measures in decentralized finance platforms.
