Zcash is recovering after a critical vulnerability in its Orchard shielded pool could have allowed counterfeit token creation. Founder Zooko Wilcox proposed the Ironwood upgrade to let users independently verify the circulating supply.
Over 17 Humanity Protocol wallets were drained of $19 million on Tuesday, crashing the H token by more than 80%. The attack vector remains unknown, but on-chain analysts suspect a shared vulnerability across wallets interacting with the protocol.
A federal judge blocked the Trump administration’s $100,000 H1-B visa fee, ruling it violated the Administrative Procedure Act and Constitution. The fee threatened rural Alaska schools that rely on visa teachers and would have dramatically increased hiring costs for tech giants.
Researchers have traced mysterious GPS interference across Europe to Russia’s Kosmos 2546 satellite, part of the EKS early-warning constellation. The space-based jamming signals affected receivers from Norway to Spain — raising concerns about continental-scale navigation attacks.
A single-character typo in the Linux kernel’s nf_tables code (CVE-2026-23111) turns any unprivileged local account into root — and working exploits are now public. Full technical write-ups from Exodus Intelligence and FuzzingLabs detail Debian, Ubuntu, and RHEL exploitation paths.
The Shai-Hulud supply-chain campaign compromised 19 scientific PyPI packages (Dynamo, Spateo, CoolBox, U-FISH, and more) with malware that steals developer secrets — cloud keys, publishing tokens, SSH keys, and AI tool configs. The payload triggers on any Python invocation.
