On-chain investigator ZachXBT flagged a coordinated exploit against THORChain's cross-chain liquidity pools on May 15, 2026, with PeckShield confirming losses of approximately $10.8 million across four blockchains - around 36.85 BTC plus $7 million in assets from Ethereum, BNB Chain, and Base. The attacker funneled funds into two main addresses (BTC bc1ql4u94klk265lnfur2ujk9p6uh52f2a8jhf6f37 and ETH 0xd477b69551f49C0519F9B18c55030676138890Bd). THORChain responded with a global emergency halt of trading and signing - a controversial move given the protocol's permissionless positioning. No official post-mortem has been released. The RUNE token dropped 12-14% on the news; the same protocol was previously used by North Korean operators to launder $175 million.
Litecoin's privacy add-on, called MWEB, was attacked over the weekend in a way that forced the network to rewind 13 blocks of history (about 32 minutes) to undo invalid transactions. The interesting part for non-crypto people: developers had quietly fixed the bug between March 19 and 26 but never required mining pools to actually deploy the fix. Some pools updated, some didn't. Attackers waited 37 days and exploited the gap between patched and unpatched nodes, draining roughly $600,000 from cross-chain swap protocols including NEAR Intents. The pattern - quiet fix followed by slow rollout - is the same coordination failure that bites every distributed system, not just blockchains.