brunoshi

Base: Same Sequencer Bug Caused June 25 and 26 Mainnet Outages Lasting 116 and 20 Minutes Base said its June 25 and 26 mainnet outages lasted about 116 minutes and 20 minutes, respectively. Both incidents were caused by the same sequencer block-building bug, which allowed stale journal state to persist after a failed transaction and produced a block with an invalid state transition. Base said funds were not affected and the bug has been fixed. It plans to strengthen protocol fuzz testing, load testing, monitoring and network recovery mechanisms.

Anthropic Confirms Claude Mythos 5 Redeployment for US Critical Infrastructure Organizations Source: https://t.co/Jejy9VRqRL Anthropic has confirmed that Claude Mythos 5, its most powerful AI cybersecurity model, will be redeployed to a select set of U.S. organizations responsible for operating and defending critical infrastructure, following a government-led review process that began on June 12, 2026. According to Anthropic, as of June 27, 2026, the U.S. government officially notified Anthropic that Claude Mythos 5 can be redeployed to a defined set of U.S. organizations that operate and defend critical infrastructure. Anthropic confirmed it is moving quickly to restore access for these validated entities. #cybersecuritynews

OpenAI Released GPT-5.6 Sol With Limited Access and Strong Cyberattack Protections Source: https://t.co/IWA2s6EZL7 OpenAI has officially begun a limited preview of the GPT‑5.6 model series Sol, Terra, and Luna, positioning its flagship Sol as the company’s most capable and security-hardened AI model to date, available initially only to a small group of trusted partners at the formal request of the Trump administration. The GPT‑5.6 family introduces three distinct capability tiers under a new naming system. Sol is the flagship model; Terra is a balanced model for everyday work, delivering competitive performance to GPT‑5.5 at 2x lower cost; and Luna is a fast, affordable model designed to bring strong AI capability at the lowest price point in the lineup. #cybersecuritynews

🚨SlowMist TI Alert🚨 AIDC token on BSC has been exploited. 💸 Loss: 220.12 WBNB (~$120929.35) 🔍 Root Cause: AIDCToken's `_sellTransfer()` accumulates a 30% burn amount without deducting it from the seller. Subsequently, any non-Pair transfer triggers `_executeAccumulatedBurn()`, which incorrectly burns tokens from the `uniswapPair` balance instead of the seller. After burning, `sync()` is called, artificially deflating the AIDC reserve in the AMM, allowing the attacker to drain WBNB. 📌 Attacker: 0x89eb2c99e970d831525c7a52badc290afa116b63 📌 Victim: 0x2725033282b3bd4be8873b7f0f622c18e3b7cbd8 (Pancake V2 AIDC/WBNB Pair) 📌 Vulnerable Contract: 0x5021d71859f81b4c905b573591db8f9cc4a0c6fe (AIDCToken) The attacker exploited a flawed burn mechanism where sell-induced burn debt is wrongly imposed on the liquidity pool, enabling repeated reserve manipulation and a final swap that drained nearly all WBNB from the Pair. Powered by #SlowMist.AI

Windows Secure Boot Certificate Expired — Billions of PCs Affected, Including Linux Distros Source: https://t.co/fuvi8Uwhl3 The clock has run out. As of June 24, 2026, the first of Microsoft’s original Secure Boot certificates, the Microsoft Corporation KEK CA 2011, has officially expired, with the Microsoft UEFI CA 2011 following on June 27, 2026. A third, the Microsoft Windows Production PCA 2011, is set to expire on October 19, 2026. Together, these certificates have underpinned firmware-level boot trust on every UEFI-capable PC deployed since the Windows 8 era, more than a billion devices worldwide, including systems running Linux distributions. #cybersecuritynews

⚠️ UPDATE: JetBrains removed 15 malicious Marketplace plugins, blocked 7 publisher accounts, and disabled the plugins in installed IDEs. But experts say the attacker’s C2 server remained live on June 19. Entered API keys? Revoke them now. Read the updated story: https://t.co/iRLzmmP5Sh

🚨Cyber Alert ‼️ 🇺🇸USA - 𝗣𝗼𝗹𝘆𝗺𝗮𝗿𝗸𝗲𝘁 Polymarket confirmed a third-party compromise that enabled attackers to inject malicious code into its website, leading to the theft of user funds. The company contained the incident and will refund affected users. Around the same time, researchers reported a phishing campaign targeting Polymarket users that allegedly stole about US$3 million in cryptocurrency. Threat actor: Not identified Sector: Cryptocurrency exchange and related Data exposure (claimed): Not specified Data type: User funds Observed: Jun 25, 2026 Status: Confirmed ESIX©: 7.96 Full details and impact assessment on https://t.co/eB7qgxKFAa

⚠️ALERT: ASCENDEX WITHDRAWAL ISSUES SPARK LIQUIDITY CONCERNS On-chain sleuth ZachXBT flagged AscendEX for delaying user withdrawals while its hot wallets show critical shortages of large cap assets including ETH, USDT, and SOL, raising liquidity concerns. Some users have reportedly been waiting days or even weeks for withdrawals to be processed. The exchange was previously hacked by the Lazarus Group in December 2021.

⚠️ALERT: POLYMARKET SUFFERS $3 MILLION FRONTEND EXPLOIT A supply-chain attack injected malicious scripts into Polymarket's frontend for a subset of users, leading to around $3 million in losses. Polymarket says the exploit has since been contained and the compromised third-party dependency has been removed.