
Crypto Security and Regulation Roundup, DeFi Exploits and Wallet Updates



Crypto markets and policy did not move in a vacuum this week. On one side, the security environment in decentralized finance continued to produce major incidents tied to bridges, rollup infrastructure, and MEV-related trading. On the other, regulators in the United States and the European Union advanced proposals and rules that could reshape how transactions are processed, especially for centralized exchanges and custodial services.

Separately, a wallet application update brought a set of product changes, including expanded token and transaction display features and additional third-party trading providers. While these updates do not directly address protocol-level vulnerabilities, they influence user workflows around custody, routing, and compliance controls.

DeFi exploits: multiple incidents across bridges, rollups, and MEV


Aztec Connect and other deprecated bridge components targeted


The week’s most notable theme was how attackers continued to find value in systems that were already in decline. According to the roundup, Aztec Connect was drained twice via distinct exploits. The first incident involved an alleged $2.1 million outflow, described as linked to a privacy-focused rollup bridge that had been deprecated in 2023. A separate incident was then described as pulling an additional $2.15 million from another private rollup bridge, reportedly deprecated in 2022.

From an industry perspective, these cases underline a recurring challenge in DeFi security: “deprecated” does not always mean “fully unreachable” for every integration, contract dependency, or edge-case flow. Even when a product is scheduled for retirement, interfaces that remain technically exploitable can continue to create attack surfaces.

Taiko exploit described as forged proof verification


The roundup also described an incident on Taiko tied to chain-state verification. It characterizes the issue as attackers submitting forged message proofs that were accepted as valid by Ethereum mainnet.

The described impact included roughly $1.7 million drained in USDC and ETH, alongside nearly 2 million TAIKO tokens. If accurate, the incident highlights a critical class of risk for layer-2 and bridging systems, where correctness depends on verification logic. Even when verification is meant to protect downstream execution, weaknesses in proof-handling can create outsized consequences.

MEV bot manipulation: “fake wrapped assets” and simulated profitability


Beyond bridges and rollups, the roundup points to a case involving an MEV bot on Ethereum, identified as Jaredfromsubway.eth. The description focuses on attackers tricking automated trading logic by creating fake wrapped assets and liquidity pools that simulated a profitable sandwich trade.

The roundup states that approximately $7.5 million was siphoned through permissions already granted to the bot. In practice, MEV strategies often rely on pre-approved token allowances and on fast transaction execution. This incident, as summarized, fits a broader pattern where adversaries attempt to make an automated system believe in a profit opportunity that exists only in a simulated environment.

Illinois adopts a digital asset transaction tax plan


Regulation in the United States also featured in this week’s roundup. It describes Illinois’ passage of a $55.9 billion state budget that includes the Digital Asset Privilege Tax Act. The plan, as outlined, would impose a 0.2% transaction-level levy on crypto activity starting January 1, 2027.

The described scope focuses on digital asset brokers, including exchanges and custodians that exchange, transfer, or store crypto for Illinois customers. The summary also notes registration requirements and felony charges for noncompliance. Additionally, the roundup references concerns raised by the Crypto Council for Innovation, describing the tax as among the most punitive in the country and warning about precedent effects.

For businesses, a transaction tax at the protocol or transaction level can change unit economics. For users, it may ultimately influence which services offer custody and routing into and out of regulated intermediaries.

EU rules target cash, identity checks, and privacy-asset access via on/off-ramps


On the European side, the roundup summarizes a set of incoming rules affecting cash payments, identity verification, and the ability of regulated providers to handle certain transactions.

It describes a proposed cash cap in the EU: cash payments above €10,000 would be prohibited for goods and services. It also states that cash transactions over €3,000 would trigger mandatory identity verification. For regulated crypto service providers, the roundup notes identity checks on transactions of €1,000 or more and indicates that anonymous accounts are banned.

Crucially, the roundup frames privacy assets as not being outright criminalized for self-custody ownership, but it says the rules would restrict regulated intermediaries from touching privacy coins in certain contexts. It also emphasizes that peer-to-peer onchain transfers between self-custody wallets would remain outside the regulation’s reach, while on-ramps and off-ramps would face tighter constraints.

If these provisions are enacted as described, the immediate operational impact likely falls on exchanges, custodians, and payment providers, which may have to implement stricter routing, monitoring, and customer identification workflows. Over time, this could affect liquidity, pricing, and availability of certain assets through centralized channels.

Wallet and app update: UTXO address generation and expanded trading options


Alongside security and policy, the roundup includes a wallet product update labeled v5.39. While it is not a security incident response, it signals how mainstream crypto apps are adapting their user experience around transaction visibility and third-party trading providers.

MoonPay Trade, Apple Pay via Mercuryo, and provider controls


The roundup states that MoonPay Trade was added to the provider lineup, with features such as filtering between centralized exchanges and decentralized exchanges and the ability to rate providers after a swap. It also notes iOS support for purchasing crypto using Apple Pay through Mercuryo.

UTXO dynamic address generation and Solana history visibility


The update also reportedly includes dynamic address generation for selected UTXO networks, producing a new address for each incoming transaction. It further describes Solana transaction history appearing in the app.

Tangem Pay improvements and card management changes


Separately, the roundup mentions improvements to Tangem Pay, including the ability to reissue and rename a Tangem Pay card and adjust daily spending limits. It frames these changes as making real-world spending more flexible for users operating a self-custody setup.

What this week signals for security and compliance risk


Across the items summarized, a few themes stand out for industry watchers.

  • Security risk persists after deprecation. Protocol retirement does not automatically close all pathways, especially where contracts remain technically accessible.

  • Verification systems remain high-value targets. The Taiko incident description points to the importance of proof correctness and end-to-end validation across chains.

  • Automation increases the stakes of trust assumptions. MEV bots can be exploited by adversaries who design fake liquidity and permissions-aware execution paths.

  • Regulation is converging on intermediaries. U.S. and EU measures described in the roundup emphasize identity checks and transaction handling controls by exchanges, custodians, and regulated providers.


For users, the practical takeaway is not only to monitor security headlines, but also to understand how evolving compliance rules can change access paths and the reliability of on/off-ramps. For builders, the incidents reinforce the need for rigorous decommissioning plans, continuous audit coverage for legacy components, and stronger guardrails around automated trading logic.

https://www.cryptobreaking.com/crypto-security-regulation-roundup-wallet/?utm_source=blogger%20&utm_medium=social_auto&utm_campaign=Crypto%20Security%20and%20Regulation%20Roundup,%20DeFi%20Exploits%20and%20Wallet%20Updates%20
