SlowMist said three tainted node-ipc releases (9.1.6, 9.2.3, 12.0.1) were published on May 14 after attackers took over a dormant npm maintainer account. The injected code was designed to exfiltrate .env secrets, crypto private keys, exchange API credentials, and cloud tokens, and projects that installed or auto-updated during the roughly two-hour exposure window were urged to audit dependencies and rotate credentials.

Binance Research said in a May 15 report that tokenized real-world assets could approach about US$1.6 trillion by 2030 as institutions expand pilots of blockchain-based versions of traditional products. The report highlighted U.S. Treasury-linked tokens as roughly half of current RWA value, with tokenized gold around $5.1 billion and tokenized public equities near $1.5 billion after rising from under $300 million at the start of 2025.

Intercontinental Exchange and Chicago Mercantile Exchange are urging US regulators to limit Hyperliquid's move into energy-related onchain derivatives, citing risks to oil and gas markets. Hyperliquid's HIP-3 framework, launched in January 2025, lets users create new perpetual futures markets by staking 500,000 HYPE tokens, valued at about $22.2 million.

Solayer has introduced a Visa-compatible payment card that lets users spend USDC through online, in-store and contactless purchases, with ATM withdrawals available in supported regions. The card can be ordered via the Solayer Pay app; existing users can request it for free, while new users pay a $20 annual activation fee.

A U.S. Army soldier placed a $32,537 wager on Polymarket at 3 a.m. on January 3, 2026, betting Nicolás Maduro would be removed within a month, and the position later paid out $436,000. He was indicted on April 24, 2026 and pleaded not guilty, highlighting that U.S. rules still lack a clear line between lawful information advantages and illegal use of material non-public information in crypto prediction markets.

THORChain said on 15 May it automatically detected abnormal activity and halted signing, pausing churn after one of its Asgard vaults was compromised. The exploit drained roughly $10.7 million to $10.8 million, with the protocol saying early signs indicate user funds were not directly impacted and losses were limited to protocol-owned funds. Separate commentary from Ledger CTO Charles Guillemet suggested the incident may relate to MPC/TSS signing infrastructure, though the root cause has not been confirmed.

CME and ICE are pushing U.S. regulators and lawmakers to apply existing financial rules to Singapore-domiciled, blockchain-based exchange Hyperliquid. They argue that anonymous trading on the platform could distort global oil pricing benchmarks and enable manipulation, and want it to register with the CFTC and add customer ID and surveillance controls.

THORChain halted trading on Friday morning following a cross-chain exploit estimated at over $10 million across Bitcoin, Ethereum, BNB Smart Chain, and Base. RUNE fell about 10% within hours to $0.52 as the team also stopped on-chain signing as a precautionary step.