Cybersecurity researchers just uncovered a sneaky $10 million backdoor hidden in thousands of decentralized finance (DeFi) smart contracts. The team behind Venn Network believes the sophisticated attack might be tied to North Korea’s infamous Lazarus Group, given how widespread and well-engineered the exploit was.

Editor’s Note: This isn’t just some minor bug—it’s a major wake-up call for the DeFi space. If left unchecked, this backdoor could’ve drained millions from unsuspecting users, and the fact that a state-linked hacking group might be behind it raises the stakes even higher. It’s a reminder that while DeFi offers financial freedom, it’s also a prime target for high-level attacks. Stay vigilant, folks.

Bitcoin Depot, a major crypto ATM operator, exposed the personal data of 27,000 customers in a breach that went undisclosed for more than a year. The company only recently filed a notice with the Maine Attorney General’s office, revealing that the leak was first spotted in June 2024. Bitcoin Depot blamed the delay on federal procedures and ongoing law enforcement involvement—but critics are questioning why affected users weren’t alerted sooner.

Editor’s Note: If you’ve used a Bitcoin Depot ATM in the past couple of years, your info might be floating around in the wrong hands. The company’s sluggish response raises red flags about transparency in crypto—especially when breaches involve financial data. It’s another reminder that even in decentralized finance, trust is fragile, and delays in disclosure can leave customers vulnerable.

Bitcoin Depot, a cryptocurrency ATM operator, admitted that a data breach exposed the personal information of 27,000 customers. While the company claims there's no proof the stolen data has been misused yet, the incident still puts thousands at risk of identity theft or fraud.

Editor’s Note: Data breaches are becoming alarmingly common in crypto, and this one’s no small fry—27,000 people just had sensitive info spilled. Even if nothing’s been exploited yet, leaked personal details can linger online for years, leaving customers vulnerable. It’s another reminder that crypto companies, especially those handling real-world transactions, need to step up their security game.