BlockThreat - Week 3, 2026
Greetings!
The first week in awhile with no major incidents (that we know of) this week. This will be a great time to catch up on all of the great research, sharpen the saw, before we are once again thrown into battle. Be careful out there!
Let’s dive into the news!
News
Vitalik Buterin condemns criminalization of code in appeal for Tornado Cash developer.
Crypto crime topped $150 billion in 2025 as state-backed actors scaled onchain.
Crime
No release for French tax agent who gave crypto investor details to gangs.
US lawmakers press SEC over paused Justin Sun enforcement case.
Policy
The FTC announced in December it intends to sue @nomadxyz_ for the 2022 hack of their bridge.
Zcash Foundation Says SEC Ends Investigation With No Enforcement Action.
Manhattan DA Pushes Criminal Penalties for Unlicensed Crypto Operators.
Phishing
Common Telegram Scams in Crypto and How to Stay Safe: A Founder’s Guide by Preetam (QuillAudits).
Malware
Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages.
‘Imagination the limit’: DeadLock ransomware gang using smart contracts to hide their work.
Research
A Web2.5 Vulnerability Story: Between Backend and Onchain by Bogdan Kondratev (Decurity).
CodeBreach: Infiltrating the AWS Console Supply Chain and Hijacking AWS GitHub Repositories via CodeBuild by Yuval Avrahami, Nir Ohfeld (Wiz).
Lack of isolation in agentic browsers resurfaces old vulnerabilities by Lucas Bourtoule (Trail of Bits).
Proving an Aptos Vault Correct with the Move Prover by Ahmad Khan(Nirlin) (Adevar Labs).
Wake Debugging Guide by Naoki Yoshida (Ackee).
Tools
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows.
Enjoy reading BlockThreat? Consider sponsoring the next edition or becoming a paid subscriber to unlock the premium section with detailed information on hacks, vulnerability, indicators, special reports, and searchable newsletter archives.