phi

Blockaid disclosed on platform X that the Alephium TokenBridge Ethereum cross-chain bridge was attacked. The attacker controlled 3 out of 4 Guardian keys to forge a VAA (Verification Authorization Message) and completed the attack in about 7 minutes, stealing approximately $815,000 in assets.During the attack, the attacker minted 13.76 million Wrapped ALPH out of thin air, exceeding the circulating supply before the attack by over 100%, while also unlocking and transferring assets such as USDT, USDC, WBTC, and WETH from the custody pool.Currently, the attacker's address still holds approximately $815,000 in stolen assets and 13.76 million uncollateralized Wrapped ALPH, with the largest abnormal transaction being the minting of 13.76 million Wrapped ALPH out of thin air.

According to Catcher Predict monitoring, in the "Philadelphia Phillies vs. San Diego Padres" event on the prediction market Polymarket, the "Over" option in the sub-market "O/U 4.5" has experienced a drastic fluctuation in win probability, dropping from 73.5% an hour ago to the current 42.5% (a fluctuation of 31%). Please note the impact of related breaking news.

According to Cointelegraph, Binance announced its official return to the Philippine market through a partnership with BlockShoals, using the sandbox framework of the Philippine Securities and Exchange Commission (SEC) as an entry point. Previously, Binance was banned by the Philippine SEC in 2024, and this return is made possible through the compliance sandbox mechanism.

According to GoPlus security alerts, phishing scams promoting black U and anti-money laundering detection websites have appeared on the X platform. Investigations reveal that the website is a phishing site hosted on the Vercel platform, aimed at tricking users into authorizing their wallets, so please do not interact.GoPlus recommends: try to avoid private transactions and use the OTC features of centralized exchanges; maintain a high level of suspicion towards unfamiliar links, especially those requiring wallet signatures or authorizations; remember the "four no choices" to prevent phishing: do not click on unfamiliar links, do not install software from unknown sources, do not sign transactions with unclear content, and do not transfer funds to unverified addresses.

On-chain analyst "b-block" posted on social media on Monday that a counterfeit Uniswap website is stealing funds from multiple wallets, with assets held by the scammers valued at over $400,000. Stacy Muur, founder of the Web3 marketing agency Green Dots, shared screenshots of false sponsored results from search engines, criticizing Google for ignoring this issue for years, leading to fake links ranking above real ones, resulting in users continuously being scammed.According to Etherscan data, the two flagged addresses hold a total of about 146 ETH, valued at approximately $306,000. DeFiLlama pointed out that fake ads on Google are a common source of phishing attacks. The crypto nonprofit organization Security Alliance (SEAL) reported in April that phishing activities on Google searches significantly increased in March, with attackers deploying highly deceptive fake ads by paying for or hijacking legitimate ad accounts, using seemingly real URLs to bypass Google's automatic checks, and loading malicious payloads through hidden iframes.SEAL has blocked over 356 malicious ad links and stated that the volume of Google ads deployed by attackers has remained stable for over a year, with no slowdown in attack activities. Reports indicate that between March 13 and 30 alone, a total of $1.27 million was stolen. Additionally, earlier this month, there were malicious ad campaigns targeting Mac users that utilized Google ads and the AI chatbot Claude for shared chats. Malwarebytes also reported that Facebook is similarly a hotspot for fake ads and scams.

According to monitoring by Catcher Predict, in the prediction market Polymarket, the "Philadelphia Phillies vs. San Diego Padres" event has seen significant fluctuations in the "Philadelphia Phillies" option's win probability in the sub-market "Philadelphia Phillies vs. San Diego Padres," rising from 57.5% an hour ago to the current 89.5% (a fluctuation of 32%). Please note the impact of related breaking news.

According to BBX data, the pressure from market regulation suddenly intensified over the weekend, and institutional-level crypto derivatives product lines expanded simultaneously. The core dynamics are as follows:On May 22, James Comer (Republican, Kentucky), Chairman of the House Oversight and Government Reform Committee, officially issued investigation letters to Kalshi (privately held) and Polymarket (privately held), initiating a formal congressional investigation into insider trading on prediction market platforms. The investigation focuses on two suspicious bets: one betting on the early capture of Venezuelan President Maduro, and another betting on the direction of the Iranian conflict. Both transactions recorded unusually large amounts just hours before the related events were made public. According to media reports, the Wisconsin Attorney General has recently listed Robinhood Markets, Inc. (NASDAQ: $HOOD), along with Kalshi, Polymarket, and Crypto.com, as defendants, accusing them of providing unlicensed sports betting services in Wisconsin. This is the latest escalation of the prediction market facing legal challenges in 13 states to congressional scrutiny. Both Kalshi and Polymarket stated their willingness to cooperate with the committee's investigation, asserting that their platforms have robust anti-insider trading mechanisms.On May 23, the U.S. Securities and Exchange Commission (SEC) officially approved a proposal submitted by Nasdaq, Inc. (NASDAQ: $NDAQ) to launch cash-settled Bitcoin index options on its Philadelphia Stock Exchange, which does not involve physical delivery of Bitcoin. This product will allow institutional investors to hedge or invest in Bitcoin price fluctuations through standardized options contracts, filling a market gap for cash-settled Bitcoin index derivatives on regulated exchanges in the U.S. The timing of the approval coincided with significant fluctuations in Bitcoin over the week (with a low of $74,500 and a high rebound to $77,800), reflecting the accelerating release of genuine demand for volatility management tools in the market.

According to SolanaFloor monitoring, a scam gang is impersonating Jupiter, airdropping fake CJUP tokens to wallets, and enticing users to connect to a scam website to steal assets.

According to Cointelegraph, Casa co-founder Jameson Lopp warned that a new phishing technique has emerged, where attackers abuse legitimate Google recovery forms to hide malicious links within lengthy messages filled with a lot of blank space.

Delphi Digital pointed out in its latest post that WETH, USDT, and USDC are the three largest lending markets on Aave's Ethereum market, accounting for 89% of the total borrowing volume. The supply rates for these three markets are about 25%-35% lower than the borrowing rates, resulting in an annual loss of approximately $52 million, nearly half of Aave's annualized revenue for the first quarter. Even if the reserve factor is completely eliminated, there would still be a loss of about $36 million.Delphi believes that Aave's peer-to-pool model has significant structural flaws. The KelpDAO bridge attack on April 18 further exposed this issue. The attacker leveraged $292 million in rsETH on Aave, leading to nearly $200 million in bad debt for Aave, and the main markets like WETH experienced 100% utilization, freezing for up to 5 days.

Delphi Digital stated on platform X that Strategy has raised funds over the years by issuing stock at a premium and cheap convertible bonds.Today, this window has essentially closed. Common stock issuance is constrained by the market-adjusted net asset value (mNAV), the issuance of new convertible debt has been suspended, and STRC has become the primary financing channel. The 11.5% yield is the cost at a lower tier of the capital structure.The repayment order of STRC is behind convertible bonds and preferred stock, so holders are compensated for taking on the impairment risks that the debt layer avoids. Strategy is paying this spread to continue accumulating Bitcoin in the current environment while buying time for the repayment of large debts maturing in 2028.

The cryptocurrency research institution Delphi Digital released the latest report "How Far Can Saylor Stretch It," which systematically analyzes the Bitcoin (BTC) funding expansion mechanism of Strategy, pointing out that its financing structure is transitioning from "low-cost accumulation" to the "diminishing marginal efficiency" stage. The report shows that in the current asset accumulation system centered around Bitcoin, STRC has become the core financing tool for Strategy's continuous purchase of BTC. Initially, it relied on a significant premium in MSTR's stock price (mNAV far exceeding BTC's net value) to achieve a positive cycle of "issuance leads to accumulation," but as the valuation has fallen back to about 1.24 times the EV-based mNAV, the BTC per share enhancement effect from common stock issuance is nearing breakeven.At the same time, while convertible bond tools have played an important role historically, they have accumulated about $8.2 billion in principal and will face concentrated repayment pressure after September 2027, putting long-term sustainability of the financing structure under pressure. STRC provides a continuous financing source for Strategy by offering approximately 11.5% annualized monthly dividends to income-oriented investors, to maintain the pace of BTC purchases. However, this mechanism also introduces ongoing cash flow obligations, meaning that each round of financing increases BTC assets while simultaneously accumulating future dividend burdens.The report emphasizes key risk scenarios: if BTC prices remain stagnant and MSTR's premium fails to recover, then the "STRC financing purchase gain" may be gradually offset by "common stock dilution and dividend obligations." Although the company's approximately $2.25 billion cash reserves can cover about $1 billion in redemption pressure in 2027, larger-scale debt and dividend structures in 2028 still need to be addressed. Additionally, the current authorized issuance limit of about $28.3 billion for STRC becomes a critical constraint point. Once the limit is reached, the ability to purchase new BTC may slow down, but existing dividend obligations will continue to exist, thus altering the overall BTC per share dynamic growth path.

SlowMist has issued a security warning stating that a high-risk phishing activity targeting TRON wallet users has been discovered. Attackers created a fake Chrome extension for the TronLink wallet, using Unicode bidirectional control characters and Cyrillic homographs to disguise the brand name. After installation, the extension loads a complete phishing page through a remote iframe, forming a "shell-core separation" credential theft chain.The malicious extension name uses homographs for disguise, and its Chrome Store page inherits the high user count and positive reviews of the real extension, lowering the review threshold. There is very little local code, only loading remote pages, making static analysis nearly impossible to detect malicious behavior. The remote phishing page perfectly replicates the official TronLink web wallet interface, stealing mnemonic phrases, private keys, Keystore files, and passwords, and relaying them in real-time via a Telegram Bot.Built-in anti-analysis features disable right-click, developer tools, drag-and-drop, and printing, and redirect based on the geographic and language settings of Russian users to evade detection. SlowMist recommends immediately uninstalling suspicious extensions, clearing local storage, checking for abnormal traffic, and if credentials have been entered, creating a new wallet and transferring assets immediately.

According to GMGN monitoring, the Base ecosystem token POD (dphn.ai) saw a significant increase in market value this morning, peaking over $170 million, currently reported at $130 million, with a 24-hour increase narrowing to 82%, and a trading volume of $6.3 million during the same period.It is reported that dphn.ai is an AI model development and DePIN project, and the "Dolphin Mistral 24B Venice Edition" it provides is the default uncensored AI model on the Venice platform. Previously, during the surge of VVV, POD rose as it served as a core model provider. This increase may also be compounded by the influence of Base co-founder Jesse's retweet, with related sentiment continuing to ferment.

According to BusinessWorld, the Central Bank of the Philippines has warned the public and cryptocurrency users not to trade with unauthorized virtual asset service providers, as this may lead to financial losses due to fraud, security vulnerabilities, and operational failures.The central bank stated that unauthorized VASPs also pose risks such as lack of legal recourse, absence of consumer assistance mechanisms, poor service quality, false advertising, improper handling of private keys, cybersecurity incidents, and data privacy issues. Additionally, access may be restricted due to government enforcement actions against illegal operations. The Central Bank of the Philippines has committed to continuing cooperation with the Securities and Exchange Commission, the National Telecommunications Commission, and other departments to restrict access for Philippine users to unauthorized VASP platforms, and urges consumers to protect personal information, maintain cybersecurity hygiene, and only trade with licensed institutions.

According to official news, the on-chain identity project Phi will cease operations on May 25, and phi.box and other services will be discontinued, but the PHI token will be retained and continue to trade on Aerodrome.Phi stated that in January of this year, the team underwent large-scale layoffs to reduce costs in search of a sustainable development path. In the following months, Phi explored various possibilities, including transitioning into the prediction market or artificial intelligence fields, but currently, the funds can no longer support the project's continued operation.

Bitget, through the Blockchain4Her program, continues to promote the popularization of Web3 women's education and community building in emerging markets such as the Philippines. This program focuses on providing a systematic blockchain knowledge framework for women and youth, helping them participate in the long-term development of Web3 with a solid understanding and gain more substantial opportunities within the industry.To achieve this goal, Blockchain4Her has supported several grassroots initiatives led by local female advocates. These include: transforming blockchain technology into practical development opportunities for underdeveloped communities; developing exclusive learning materials titled "Young Learners' Encyclopedia" for youth; and building a learning community focused on risk control and trading discipline. These initiatives not only help local beginners avoid misinformation and establish a rational understanding of Web3 but also align closely with Bitget's partnership with UNICEF in promoting digital skills and blockchain education globally.Bitget CEO and Blockchain4Her founder Gracy Chen stated, "Our original intention is to provide a more equal and open environment for women to explore Web3. Seeing more and more outstanding women engaging in community building shows us how true industry inclusivity takes root and flourishes from the grassroots."

According to Cointelegraph, Robinhood users have recently encountered a phishing attack. The attackers exploited the Gmail feature that ignores the "." in email usernames, along with a vulnerability in the Robinhood account creation process, to register accounts that are very similar to the target email addresses. This allowed them to send fake reminder emails with phishing links to the victims' inboxes from the Robinhood official mail server.Cybersecurity researcher Alex Eckelberry stated that the email could pass SPF, DKIM, and DMARC verification, appearing to come from an official address. Robinhood stated that this incident did not involve a system or customer account breach, and that user funds and personal information were not affected, but advised users to delete the related emails and not to click on suspicious links.

According to CertiK senior blockchain investigator Natalie Newson, real-time deepfakes, phishing, supply chain attacks, and cross-chain vulnerabilities will be the main sources of crypto hacking attacks.To date, the industry has lost over $600 million due to hacking attacks, including the $293 million vulnerability incident at Kelp DAO and the $280 million theft incident at Drift Protocol, both of which are related to North Korean hacker groups. Newson warned that the accelerated development of AI will make attack methods more complex, including more realistic deepfakes, autonomous attack agents, and "agent AI" that can automatically scan for vulnerabilities in smart contracts, but AI can also serve as a defense tool. CertiK advises investors to verify the authenticity of URLs and use cold wallets to store assets to reduce risk.