https://www.halborn.com/blog Stay updated with the latest blockchain security news, insights, and analysis from Halborn's expert security researchers. en-us Sat, 16 May 2026 23:32:40 GMT https://www.halborn.com/halborn-logo.png https://www.halborn.com/blog https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-april-2026 https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-april-2026 Wed, 13 May 2026 15:17:11 GMT Halborn analyzes April 2026’s top DeFi hacks, breaking down $630M+ in losses, key attack vectors, and practical lessons to strengthen protocol security. Month in Review https://www.halborn.com/blog/post/know-your-agent-kya-and-the-risks-of-agentic-finance https://www.halborn.com/blog/post/know-your-agent-kya-and-the-risks-of-agentic-finance Tue, 12 May 2026 19:01:55 GMT Learn how KYA applies to agentic finance, autonomous payments, x402 protocols, and Web3 security risks. AI https://www.halborn.com/blog/post/explained-the-trustedvolumes-hack-may-2026 https://www.halborn.com/blog/post/explained-the-trustedvolumes-hack-may-2026 Mon, 11 May 2026 16:50:09 GMT In May 2026, TrustedVolumes, a DeFi liquidity provider & market maker associated with 1inch, was the victim of a $6.7M hack. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/need-to-know-privacy-how-canton-solves-the-confidentiality-integrity-trade-off https://www.halborn.com/blog/post/need-to-know-privacy-how-canton-solves-the-confidentiality-integrity-trade-off Tue, 05 May 2026 22:09:47 GMT Halborn examines how Canton’s need-to-know privacy model solves the confidentiality-integrity trade-off for regulated finance while preserving auditability and security. Web3 https://www.halborn.com/blog/post/explained-the-wasabi-protocol-hack-april-2026 https://www.halborn.com/blog/post/explained-the-wasabi-protocol-hack-april-2026 Mon, 04 May 2026 13:09:27 GMT In April 2026, the Wasabi Protocol, a DeFi derivatives platform, was the victim of a $5M hack. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/what-is-slippage-in-crypto-causes-and-how-to-avoid-it https://www.halborn.com/blog/post/what-is-slippage-in-crypto-causes-and-how-to-avoid-it Wed, 29 Apr 2026 12:11:23 GMT What is slippage in Web3? Learn how liquidity, volatility, and MEV impact trade execution and how to minimize slippage in DeFi. Web3 https://www.halborn.com/blog/post/lovable-data-leak-bola-vulnerability-and-app-security-risks https://www.halborn.com/blog/post/lovable-data-leak-bola-vulnerability-and-app-security-risks Mon, 27 Apr 2026 19:41:38 GMT A BOLA vulnerability exposed chat data in Lovable’s public projects. Learn what happened and what it reveals about hidden app security risks. AI https://www.halborn.com/blog/post/explained-the-mercor-hack-april-2026 https://www.halborn.com/blog/post/explained-the-mercor-hack-april-2026 Fri, 24 Apr 2026 09:43:07 GMT In April 2026, Mercor was hit by an AI supply chain attack linked to the LiteLLM breach. Halborn explains what happened. Explained: Hacks https://www.halborn.com/blog/post/halborn-announces-partnership-with-verifiedx-and-merkle-science https://www.halborn.com/blog/post/halborn-announces-partnership-with-verifiedx-and-merkle-science Fri, 24 Apr 2026 09:10:23 GMT Halborn announces partnership with VerifiedX and Merkle Science to support VerifiedX’s institutional-grade digital asset platform. Company News https://www.halborn.com/blog/post/explained-the-vercel-hack-april-2026 https://www.halborn.com/blog/post/explained-the-vercel-hack-april-2026 Tue, 21 Apr 2026 17:58:50 GMT In April 2026, Vercel, the company behind Next.js, suffered a supply chain attack. Halborn explains what happened. Explained: Hacks https://www.halborn.com/blog/post/explained-the-kelp-dao-hack-april-2026 https://www.halborn.com/blog/post/explained-the-kelp-dao-hack-april-2026 Mon, 20 Apr 2026 14:10:39 GMT In April 2026, Kelp DAO, a liquid restaking protocol, was the victim of the largest DeFi hack of 2026 to date. Halborn explains what happened. Explained: Hacks https://www.halborn.com/blog/post/explained-the-rhea-finance-hack-april-2026 https://www.halborn.com/blog/post/explained-the-rhea-finance-hack-april-2026 Fri, 17 Apr 2026 16:54:25 GMT In April 2026, Rhea Finance, one of the largest DeFi hubs on the NEAR blockchain, was the victim of a $7.6M hack. Explained: Hacks https://www.halborn.com/blog/post/halborn-partners-with-hashgraph-to-strengthen-security-across-the-hedera-ecosystem https://www.halborn.com/blog/post/halborn-partners-with-hashgraph-to-strengthen-security-across-the-hedera-ecosystem Thu, 16 Apr 2026 12:41:13 GMT Halborn announces its partnership with Hashgraph, highlighting the shared goal of strengthening security across the Hedera ecosystem. Company News https://www.halborn.com/blog/post/explained-the-tmm-hack-april-2026 https://www.halborn.com/blog/post/explained-the-tmm-hack-april-2026 Mon, 13 Apr 2026 12:12:24 GMT In April 2026, the TMM/USDT trading pair on BSC was the victim of a $1.7M reserve manipulation attack. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/automated-spend-controls-for-ai-agent-micropayments https://www.halborn.com/blog/post/automated-spend-controls-for-ai-agent-micropayments Fri, 10 Apr 2026 10:04:32 GMT Learn how to design spend controls for AI agent micropayments, including transaction caps, rolling limits, velocity checks, approvals, and testing. AI https://www.halborn.com/blog/post/explained-the-drift-hack-april-2026 https://www.halborn.com/blog/post/explained-the-drift-hack-april-2026 Mon, 06 Apr 2026 09:26:36 GMT In April 2026, Drift, a Solana-based decentralized perpetual futures exchange, was the victim of a $285M hack. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/explained-the-litellm-hack-march-2026 https://www.halborn.com/blog/post/explained-the-litellm-hack-march-2026 Fri, 03 Apr 2026 17:33:45 GMT On March 24, 2026, attackers linked to TeamPCP compromised LiteLLM. Halborn explains what happened. Explained: Hacks https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-march-2026 https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-march-2026 Wed, 01 Apr 2026 09:39:49 GMT Halborn recaps the top DeFi hacks that occurred in March 2026. Month in Review https://www.halborn.com/blog/post/explained-the-axios-hack-march-2026 https://www.halborn.com/blog/post/explained-the-axios-hack-march-2026 Tue, 31 Mar 2026 20:05:00 GMT Halborn explains how the March 2026 Axios hack unfolded, how malicious npm packages spread RAT malware, and what developers and organizations should do next. Explained: Hacks https://www.halborn.com/blog/post/explained-the-resolv-hack-march-2026 https://www.halborn.com/blog/post/explained-the-resolv-hack-march-2026 Mon, 30 Mar 2026 16:41:19 GMT In March 2026, Resolv was the victim of a $23M hack. Halborn explains what happened. Explained: Hacks https://www.halborn.com/blog/post/why-daml-s-deterministic-model-fits-regulated-finance https://www.halborn.com/blog/post/why-daml-s-deterministic-model-fits-regulated-finance Thu, 26 Mar 2026 10:15:04 GMT Learn how Daml’s deterministic smart contract model reduces operational risk, improves auditability, and supports regulated finance. Web3 https://www.halborn.com/blog/post/explained-the-venus-protocol-hack-march-2026 https://www.halborn.com/blog/post/explained-the-venus-protocol-hack-march-2026 Mon, 23 Mar 2026 08:42:04 GMT In March 2026, the Thena (THE) market hosted on Venus Protocol (BNB Chain) suffered a hack. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/threat-modeling-for-canton-based-applications https://www.halborn.com/blog/post/threat-modeling-for-canton-based-applications Thu, 19 Mar 2026 13:56:52 GMT Halborn explains how to approach threat modeling for Canton-based applications, from privacy and authorization risks to cross-domain coordination and institutional security. Web3 https://www.halborn.com/blog/post/explained-crypto-whale-loses-50-million-in-flawed-swap-march-2026 https://www.halborn.com/blog/post/explained-crypto-whale-loses-50-million-in-flawed-swap-march-2026 Sun, 15 Mar 2026 12:09:36 GMT In March 2026, a crypto whale lost $50M due to a bad trade. Halborn explains what happened. Explained: Hacks https://www.halborn.com/blog/post/halborn-partners-with-knova-to-support-secure-tokenized-market-infrastructure https://www.halborn.com/blog/post/halborn-partners-with-knova-to-support-secure-tokenized-market-infrastructure Thu, 12 Mar 2026 15:19:43 GMT Halborn announces its partnership with Knova as the trusted cybersecurity partner for the Knova ecosystem. Company News https://www.halborn.com/blog/post/x402-explained-security-risks-and-controls-for-http-402-micropayments https://www.halborn.com/blog/post/x402-explained-security-risks-and-controls-for-http-402-micropayments Tue, 10 Mar 2026 20:08:46 GMT Halborn explains x402 and HTTP 402 micropayments, including how the protocol works, key security risks, and controls for secure implementation. Blockchain Security https://www.halborn.com/blog/post/explained-the-solv-hack-march-2026 https://www.halborn.com/blog/post/explained-the-solv-hack-march-2026 Sat, 07 Mar 2026 11:27:18 GMT In March 2026, Solv, a reserve protocol on the Bitcoin blockchain, suffered a $2.7M hack. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-february-2026 https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-february-2026 Mon, 02 Mar 2026 16:15:13 GMT Halborn recaps the top hacks that occurred in February 2026. Month in Review https://www.halborn.com/blog/post/explained-the-yieldblox-hack-february-2026 https://www.halborn.com/blog/post/explained-the-yieldblox-hack-february-2026 Thu, 26 Feb 2026 18:07:38 GMT In February 2026, YieldBlox’s DAO-managed lending pool, was the victim of a $10M price oracle manipulation attack. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/explained-the-iotex-hack-february-2026 https://www.halborn.com/blog/post/explained-the-iotex-hack-february-2026 Wed, 25 Feb 2026 15:15:16 GMT In February 2026, IoTeX was the victim of a $4.4M hack targeting its ioTube cross-chain bridge. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/how-ai-amplifies-the-social-engineering-threat-to-web3 https://www.halborn.com/blog/post/how-ai-amplifies-the-social-engineering-threat-to-web3 Tue, 24 Feb 2026 18:26:00 GMT Halborn explains how AI is making social engineering attacks on Web3 more convincing, from deepfakes to smarter phishing, and how projects can reduce risk. AI https://www.halborn.com/blog/post/explained-the-figure-technology-breach-february-2026 https://www.halborn.com/blog/post/explained-the-figure-technology-breach-february-2026 Thu, 19 Feb 2026 17:25:44 GMT Halborn breaks down the Figure Technology breach, how ShinyHunters exploited social engineering, what data was exposed, and the off-chain controls DeFi teams need to reduce risk. Explained: Hacks https://www.halborn.com/blog/post/beyond-private-keys-top-threats-to-defi-account-security https://www.halborn.com/blog/post/beyond-private-keys-top-threats-to-defi-account-security Mon, 16 Feb 2026 12:26:53 GMT Halborn explains DeFi account security threats beyond private keys, including seed phrase exposure, custodial password leaks, social engineering, and more. Blockchain Security https://www.halborn.com/blog/post/how-account-abstraction-reduces-the-risk-of-compromised-private-keys https://www.halborn.com/blog/post/how-account-abstraction-reduces-the-risk-of-compromised-private-keys Wed, 11 Feb 2026 13:09:54 GMT Halborn explains how Ethereum account abstraction (ERC-4337) can reduce private key risk using smart contract wallets, MFA, passkeys, social recovery, and spending controls. Blockchain Security https://www.halborn.com/blog/post/explained-the-crosscurve-hack-february-2026 https://www.halborn.com/blog/post/explained-the-crosscurve-hack-february-2026 Mon, 09 Feb 2026 19:17:51 GMT In February 2026, CrossCurve, a cross-chain bridge, was the victim of a $3M hack. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/explained-the-step-finance-hack-january-2026 https://www.halborn.com/blog/post/explained-the-step-finance-hack-january-2026 Tue, 03 Feb 2026 17:53:51 GMT In January 2026, Step Finance suffered a $30M hack of the project’s Solana wallets. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-january-2026 https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-january-2026 Mon, 02 Feb 2026 14:20:09 GMT Halborn recaps the top DeFi hacks that occurred in January 2026. Month in Review https://www.halborn.com/blog/post/halborn-achieves-iso-iec-27001-certification-and-nist-csf-2-0-alignment https://www.halborn.com/blog/post/halborn-achieves-iso-iec-27001-certification-and-nist-csf-2-0-alignment Tue, 27 Jan 2026 12:53:39 GMT Halborn has achieved ISO/IEC 27001 certification and NIST CSF 2.0 alignment, reinforcing institutional-grade security and governance for regulated digital asset environments. Company News https://www.halborn.com/blog/post/introducing-ssts-a-security-token-standard-built-for-solana https://www.halborn.com/blog/post/introducing-ssts-a-security-token-standard-built-for-solana Mon, 26 Jan 2026 19:13:01 GMT Halborn announces SSTS, an open source Solana security token standard with configurable verification, token controls, and corporate actions for regulated tokens. Company News https://www.halborn.com/blog/post/explained-the-sagaevm-hack-january-2026 https://www.halborn.com/blog/post/explained-the-sagaevm-hack-january-2026 Mon, 26 Jan 2026 12:21:30 GMT In January 2026, SagaEVM was the victim of a $7M hack. Halborn explains what happened. Explained: Hacks https://www.halborn.com/blog/post/is-quantum-computing-a-real-threat-to-blockchain https://www.halborn.com/blog/post/is-quantum-computing-a-real-threat-to-blockchain Wed, 21 Jan 2026 21:01:49 GMT Halborn explains whether quantum computing is a real threat to blockchain, how Shor’s algorithm impacts signatures, and what a post-quantum transition looks like. Blockchain Security https://www.halborn.com/blog/post/explained-the-282-million-social-engineering-crypto-heist https://www.halborn.com/blog/post/explained-the-282-million-social-engineering-crypto-heist Tue, 20 Jan 2026 10:19:35 GMT In the largest social engineering hack of a crypto user to date, an attacker managed to steal $282M. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/how-ethereums-fusaka-upgrade-advances-the-blockchain-trilemma https://www.halborn.com/blog/post/how-ethereums-fusaka-upgrade-advances-the-blockchain-trilemma Fri, 16 Jan 2026 16:16:05 GMT Ethereum’s Fusaka upgrade introduced PeerDAS and expanded blob data availability for rollups. Halborn explains how it impacts the blockchain trilemma and security. Blockchain Security https://www.halborn.com/blog/post/top-security-risks-for-digital-asset-treasury-companies https://www.halborn.com/blog/post/top-security-risks-for-digital-asset-treasury-companies Tue, 13 Jan 2026 13:19:23 GMT Halborn provides a practical overview of the biggest security risks for digital asset treasury companies. Digital Assets https://www.halborn.com/blog/post/explained-the-truebit-hack-january-2026 https://www.halborn.com/blog/post/explained-the-truebit-hack-january-2026 Fri, 09 Jan 2026 19:19:34 GMT In January 2026, Truebit experienced a $26M hack against its TRU purchase/minting smart contract. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/year-in-review-the-biggest-defi-hacks-of-2025 https://www.halborn.com/blog/post/year-in-review-the-biggest-defi-hacks-of-2025 Wed, 07 Jan 2026 11:03:41 GMT Halborn recaps the biggest hacks that occurred throughout the year 2025, including the infamous Bybit hack. Year in Review https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-december-2025 https://www.halborn.com/blog/post/month-in-review-top-defi-hacks-of-december-2025 Fri, 02 Jan 2026 11:56:49 GMT Halborn recaps the biggest DeFi hacks that occurred in December 2025. Month in Review https://www.halborn.com/blog/post/explained-the-trust-wallet-hack-december-2025 https://www.halborn.com/blog/post/explained-the-trust-wallet-hack-december-2025 Fri, 02 Jan 2026 11:52:02 GMT In December 2025, Trust Wallet suffered a supply chain attack resulting in $8.5M in losses. Halborn explains. Explained: Hacks https://www.halborn.com/blog/post/layer-1-settlement-in-tradfi-overcoming-key-stumbling-blocks https://www.halborn.com/blog/post/layer-1-settlement-in-tradfi-overcoming-key-stumbling-blocks Mon, 29 Dec 2025 14:44:36 GMT Halborn breaks down the real risks in TradFi Layer-1 settlement - stablecoins, keys, bridges, MEV, and finality - and the controls to manage them. Blockchain Security https://www.halborn.com/blog/post/stablecoin-track-record-and-its-impact-on-asset-quality https://www.halborn.com/blog/post/stablecoin-track-record-and-its-impact-on-asset-quality Mon, 22 Dec 2025 10:38:59 GMT Halborn explains how stablecoin stability and reliability influence asset quality for investors, institutions, regulators, and DeFi builders, and what can put the peg at risk. Digital Assets