NEAR Protocol Loses $7M to Fake Token Attack

A vulnerability in a Uniswap V3 callback function led to a **$257.8K exploit** on Ethereum. The attack exploited a **missing access control check** on the `uniswapV3SwapCallback` function, allowing unauthorized execution. **Key Details:** - Attack vector: Unprotected callback function in smart contract - Amount lost: $257,800 - Network: Ethereum mainnet - Detection: Flagged by real-time security monitoring **Technical Context:** The vulnerability highlights a common smart contract security gap where callback functions lack proper access restrictions. Without validation that only authorized contracts can trigger callbacks, attackers can manipulate execution flow. This incident follows recent price manipulation exploits on Ethereum and BSC, where attackers used flash loans and unprotected swap functions to drain liquidity pools. **Prevention Measures:** - Implement access control checks on all callback functions - Use slippage protection in swap operations - Deploy pre-execution security screening - Audit contracts before deployment Real-time detection systems caught the exploit as it occurred, demonstrating the value of continuous blockchain monitoring for identifying attack patterns before significant damage occurs.

A critical security breach on the Polkadot bridge allowed an attacker to gain admin access and mint unlimited bridged DOT tokens. **What happened:** - Forged cross-chain message bypassed state proof validation - Attacker gained admin control over bridged DOT token contract - Infinite minting enabled, entire supply dumped for $237,000 - DOT price crashed to near zero Forta Firewall detected and flagged the exploit in real-time, but the damage was already done. **The bigger question:** This incident highlights the ongoing vulnerability of cross-chain bridges and raises concerns about whether DeFi protocols are taking security infrastructure seriously enough.

**IoTeX Bridge Exploit: $8M Drained** The @iotex_io Bridge suffered a major security breach on February 28, 2026, losing $4.3M initially and escalating to $8M within 90 minutes. The attack was executed through a single compromised private key. **Key Details:** - Attack vector: Compromised private key - Timeline: $4.3M → $8M in 90 minutes - Detection: Forta Firewall caught the attacker's mainnet movements in real-time **Recent Context:** Just two days earlier, a @FOOMCASH lottery-contract exploit put $1.8M at risk. Forta Firewall flagged the attack in real-time and successfully blocked it on Firewall-enabled chains. This incident highlights the ongoing security challenges in cross-chain infrastructure and the critical importance of private key management in blockchain systems. Real-time detection systems like Forta Firewall are proving essential for identifying threats, though prevention remains dependent on proper security practices. Learn more about Forta Firewall: [Introducing Forta Firewall](https://forta.org/blog/introducing-forta-firewall/)

**AI-powered blockchain security gains recognition** as Forta Firewall appears in Messari's latest State of AI report. The inclusion highlights how **artificial intelligence is becoming integral** to onchain security infrastructure. Forta's AI-driven transaction screening technology represents the evolution of blockchain defense mechanisms. - AI-powered attackers require AI-powered defenders - Real-time transaction screening at scale - Growing integration across multiple blockchain networks With **290M+ transactions already screened**, Forta Firewall demonstrates practical AI implementation in blockchain security, moving beyond theoretical applications to active threat detection.