According to the source, approximately $1.2 million was drained from the Seedify cross-chain bridge in an attack attributed to North Korean hackers, elevating counterparty and bridging risk for SFUND exposure; source: https://decrypt.co/341076/north-korean-hackers-drain-1-2m-from-seedify-bridge. For trading impact, monitor SFUND order books, bridge status updates, and on-chain flows because DPRK-linked groups have historically targeted DeFi bridges and laundered proceeds via mixers, which can pressure liquidity and widen spreads in the short term; source: https://blog.chainalysis.com/reports/north-korea-crypto-hacks-2023/.

According to the source, a wallet reportedly lost 6.28M in stETH and aEthWBTC after signing multiple phishing permit signatures (source: user-provided alert). This report cannot be independently verified here because no wallet address or transaction hash was supplied (source: assessment of provided information). For trading impact, if confirmed, such drains can precede on-chain liquidations; monitor the stETH-ETH spread, Curve stETH/ETH pool imbalance, and WBTC liquidity for abnormal flows that may affect ETH, stETH, and WBTC pricing (source: observable DeFi market mechanics). Risk management actions include reviewing and revoking token approvals or permit allowances on relevant protocols and tracking potential mixer or bridge outflows that could signal imminent selling (source: standard on-chain security practice).

According to @PeckShieldAlert, the NGP token from NewGold Protocol was exploited for approximately $2 million. NGP dropped 88% within one hour, @PeckShieldAlert reported. The exploiter deposited 443.8 ETH of the stolen funds into Tornado Cash, @PeckShieldAlert reported. Traders should note the extreme price drawdown and the transfer route to Tornado Cash as reported by @PeckShieldAlert.

According to @EmberCN, the Radiant Capital exploit wallet sold 4,326 ETH for 20.475M DAI in the past hour, indicating continued ETH-to-DAI conversion activity (source: @EmberCN on X). Since selling began two days ago, the wallet has offloaded a total of 9,631 ETH for 43.937M DAI at an average execution price of $4,562 (source: @EmberCN on X). The address now holds 12,326 ETH plus 43.937M DAI, with a combined value of approximately $102M (source: @EmberCN on X). The assets tied to last year’s theft were valued at $53M at the time, providing context for the current realized and remaining balances (source: @EmberCN on X).

According to @PeckShieldAlert, 58.2 BTC (about $7 million) were drained from the Odin GodOfRunes platform, source: @PeckShieldAlert. The attackers added liquidity using SATOSHI, artificially inflated the token price, and then removed liquidity to receive BTC returns, source: @PeckShieldAlert. Attacker addresses were disclosed in the alert, source: @PeckShieldAlert.

According to @EmberCN, the hacker involved in the recent GMX exploit has now laundered the 1,700 ETH ($5 million) white-hat bounty using the Tornado Cash mixer. This event marks the conclusion of the security incident where the attacker initially stole assets worth $42 million, which appreciated to $45 million due to the rise in Ethereum's (ETH) price, as cited by the source. The source reports that the hacker returned $40 million of the assets to GMX, with the protocol covering the remaining $2 million loss. The exploiter ultimately walked away with the $5 million bounty, an outcome that could influence trader sentiment regarding GMX's security resolution process and the ongoing risks associated with DeFi protocols.

According to @EmberCN, the hacker involved in the GMX exploit has returned 10.49 million FRAX to the GMX deployer wallet, suggesting successful negotiations have taken place. This development follows the theft of $42 million from the GMX V1 pool on July 9th. After the initial exploit, the GMX team publicly offered a 10% bounty for the return of the funds. The exploiter had previously converted all stolen assets into Ethereum (ETH), with the exception of the FRAX stablecoin. The partial return of funds is a significant event for GMX holders, as the recovery of assets could help restore investor confidence and potentially lead to a positive price movement for the GMX token.

According to PeckShieldAlert, an exploiter connected to the GMX protocol has sent an on-chain message indicating that the stolen funds will be returned at a later time. The blockchain security firm highlighted this communication from the exploiter. For traders, this development could introduce significant volatility for the GMX token. A potential return of funds could trigger a positive price movement, while any delay or failure to follow through could lead to negative sentiment. The situation remains uncertain until the funds are actually returned.

According to @EmberCN, the decentralized perpetual exchange GMX has suffered a major exploit resulting in the theft of over $42 million in crypto assets, as initially reported by blockchain security firm PeckShield. The stolen funds include over $10 million in legacy Frax dollar, $9.6 million in wrapped BTC (wBTC), and $5 million in DAI stablecoin. The report notes that $9.6 million has already been bridged to the Ethereum (ETH) network, while $32 million remains on the Arbitrum network where GMX operates. In response, GMX developers have made an on-chain offer to the hacker for a 10% white-hat bounty in exchange for the return of the funds. This incident underscores the significant security risks for traders in the DeFi space, which is a critical consideration for portfolio security.

According to @PolynomialFi, the multi-chain liquid staking protocol Meta Pool has been exploited for $27 million due to a smart contract bug that allowed for the free minting of its mpETH token. Blockchain security firm PeckShield reported the bug, noting that while an attacker minted $27 million in mpETH, they could only exchange 10 ETH (approximately $25,000) due to low liquidity on Uniswap. The protocol's MPDAO governance token currently trades at $0.02. In separate news, the Solana-based decentralized exchange Jupiter is pausing all DAO votes until the end of 2025, citing a "breakdown in trust" and a need to focus on a critical development period for DeFi. Jupiter executive Kash Dhanda confirmed that while votes are paused, active staking rewards (ASR) will continue at 50 million JUP per quarter. The JUP token has declined 21.8% over the past 30 days and was trading at $0.40 with minimal reaction to the news.

According to MistTrack_io, the Ethereum exploiter address 0xEA6f30e360192bae715599E15e2F765B49E4da98 has been flagged for malicious activity, with the exploiter's gas fee sourced from Swapuz Team (source: MistTrack_io on Twitter, May 28, 2025). This incident highlights an evolving security threat for crypto traders, with direct implications for DeFi platforms and token holders. Traders are urged to monitor flagged addresses and consider enhanced wallet security, as such exploits can cause rapid shifts in token liquidity and price volatility across the Ethereum ecosystem (source: MistTrack_io; Etherscan).