Scams

AI research firm Anthropic disclosed that automated AI agents successfully exploited 17 of 34 smart contracts in a simulated blockchain environment, extracting $4.5 million in test funds. The models tested included Claude Opus 4.5 and Claude Sonnet 4.5 against contracts deployed after March 2025. The AI agents also identified two previously unknown vulnerabilities in recently launched contracts.

Anthropic tested AI agents on 405 real-world smart contracts and simulated $550.1 million in stolen cryptocurrency. Newer models exploited 34 contracts deployed after March 2025 for up to $4.6 million, with Opus 4.5 leading at $4.5 million. The agents also discovered two previously unknown zero-day vulnerabilities in live contracts worth $3,694 in test revenue.

Yearn Finance has recovered approximately $2.4 million following a Sunday exploit that drained roughly $9 million from its yETH pools. An attacker exploited an unchecked arithmetic vulnerability to mint an excessive quantity of yETH tokens, enabling liquidity extraction from the protocol's Curve-based stableswap pools. Recovery efforts remain ongoing, with collaboration from security firms SEAL 911 and ChainSecurity.

The U.S. House Financial Services Committee released a 53-page report on December 1, 2025, alleging that Biden Administration regulators attempted to exclude cryptocurrency firms from the banking system. Republicans claim the Federal Reserve, FDIC, OCC, and SEC coordinated policies to discourage banks from serving digital asset companies. The report labels these efforts "Operation Choke Point 2.0" and asserts they occurred while Congress worked to establish regulatory clarity for the sector.

Yearn Finance's yETH pool was drained of approximately $9 million through a minting exploit. The attacker transferred 1,000 ETH to Tornado Cash while retaining around $6 million in a controlling wallet. Data show the breach targeted protective mechanisms in the pool's minting contract.

An attacker exploited a vulnerability in Yearn Finance's legacy yETH product on November 30, 2025, minting approximately 235 trillion unauthorized tokens. The breach resulted in losses of roughly $9 million in ETH and liquid staking derivatives from liquidity pools. Around 1,000 ETH, valued at approximately $3 million, was transferred to Tornado Cash following the incident.

Yearn Finance suffered a security breach that drained approximately $9 million from its yETH infrastructure. Attackers exploited a vulnerability in the yETH token contract, enabling unlimited token minting without collateral and draining liquidity from a staked Ethereum derivatives pool. The protocol confirmed the yUSND pool and Nerite's vaults remained unaffected.

Yearn Finance reported a security breach on November 30 that resulted in approximately $9 million in losses. The attack targeted a vulnerability in a legacy yETH stableswap pool, allowing unauthorized token minting. Blockchain security firm PeckShield tracked roughly $3 million of the stolen funds to Tornado Cash, while the remaining $6 million remains in the exploiter's wallet.

Yearn Finance's yETH product suffered an exploit on November 30, 2025, enabling unlimited token minting that drained Balancer pools. Attackers extracted approximately 1,000 ETH valued at $3 million and transferred the funds through Tornado Cash, according to blockchain journalist Colin Wu. The platform confirmed its V2 and V3 Vaults remained unaffected and operational.

Yearn Finance confirmed an exploit targeting its yETH liquid staking token pool on November 30, 2025. An attacker exploited an infinite-mint vulnerability to drain millions in liquid staking tokens, routing approximately 1,000 ETH (around $3 million) to Tornado Cash. The protocol stated that Yearn Vaults V2 and V3 remain unaffected.