Topic digest

Blockchain news and engineering summaries

Blockchain news covering smart contracts, decentralized applications, Web3, and cryptocurrency technology trends from Hacker News and Reddit.

20 recent stories

Latest ranked stories

Current Blockchain stories

These stories are ranked from recent public source activity and shown as a preview of what a configured digest can deliver.

Someone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them
01Thursday, April 9, 2026

Someone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them

A major supply chain attack compromised over 30 WordPress plugins from the 'Essential Plugin' library. After being sold on Flippa to a commercial buyer, the plugins were updated with a dormant backdoor that triggered months later, using blockchain-based command-and-control to inject spam. WordPress.org eventually closed the plugins, but users must manually clean their compromised wp-config.php files.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News1053 pts
Peerweb: Decentralized website hosting via WebTorrent
02Friday, January 30, 2026

Peerweb: Decentralized website hosting via WebTorrent

PeerWeb is a decentralized website hosting platform that leverages WebTorrent technology to distribute content across a peer-to-peer network. By removing the dependency on centralized servers, the platform ensures that websites are censorship-resistant and maintain high availability through community seeding. Users can easily host sites by dragging and dropping folders, which generates a unique torrent hash. PeerWeb includes advanced features like smart caching for improved performance, debug modes for developer troubleshooting, and security measures integrated via DOMPurify. Its architecture represents a significant shift toward a decentralized web, where magnet links and trackers replace traditional hosting infrastructures.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News346 pts
a fake bug fix PR hid a credential stealer in astro.config.mjs that used blockchain to receive commands
03Thursday, June 11, 2026

a fake bug fix PR hid a credential stealer in astro.config.mjs that used blockchain to receive commands

A malicious pull request in the Egonex-AI/Understand-Anything repository uses a supply chain attack targeting Astro’s build pipeline. The attacker hides an obfuscated payload in astro.config.mjs, which executes during build or dev processes. It beacons C2 servers and uses Tron/BSC blockchain transactions as a command-and-control relay to fetch and execute secondary payloads, mirroring the PolinRider campaign.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Reddit316 pts
Obsidian plugin was abused to deploy a remote access trojan
04Sunday, May 10, 2026

Obsidian plugin was abused to deploy a remote access trojan

Researchers discovered a social engineering campaign targeting finance and crypto sectors using a malicious Obsidian vault. Victims are tricked into enabling community plugins, triggering the PHANTOMPULSE RAT. This malware features a sophisticated blockchain-based C2 mechanism for resilience, enabling full system control on Windows and macOS. Defensive measures include plugin restrictions and user training.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News314 pts
Thief of $90M in seized U.S.-controlled crypto is gov't contractor's son
05Friday, January 23, 2026

Thief of $90M in seized U.S.-controlled crypto is gov't contractor's son

On-chain investigator zachxbt has publicly identified an individual known online as 'Lick' as John Daghita, allegedly involving him in cryptocurrency theft. Following the exposure, Daghita attempted to erase his Telegram history and sent unsolicited funds from a theft-linked address to zachxbt's public wallet. The investigation highlights a significant conflict of interest, as John Daghita is the son of Dean Daghita, owner of Command Services & Support (CMDSS). CMDSS recently secured a contract with the US Marshals to manage seized cryptocurrency assets. In response to the allegations, CMDSS scrubbed its digital presence, raises serious questions regarding the vetting process for government contractors handling sensitive digital assets and the Department of Justice's oversight of their service providers.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News309 pts
Show HN: Freenet, a peer-to-peer platform for decentralized apps
06Thursday, May 21, 2026

Show HN: Freenet, a peer-to-peer platform for decentralized apps

Freenet is a peer-to-peer decentralized platform that enables unstoppable communication, collaboration, and commerce. By utilizing open protocols and a small-world network, it eliminates the need for central servers. Developers can build serverless, cloud-free applications using Rust and TypeScript, while users benefit from private, censorship-resistant, browser-based web experiences.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News298 pts
How Monero's proof of work works
07Monday, May 4, 2026

How Monero's proof of work works

Monero uses RandomX for its proof of work, a mechanism designed to be CPU-friendly by executing random programs on a specialized virtual machine. Unlike Bitcoin's SHA-256, which favors ASICs, RandomX forces miners to utilize memory-intensive operations, floating-point math, and branch handling, effectively neutralizing the advantage of specialized mining hardware to ensure network decentralization.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News273 pts
Bitcoin miners are losing on every coin produced as difficulty drops
08Saturday, April 11, 2026

Bitcoin miners are losing on every coin produced as difficulty drops

Bitcoin miners face a crisis, with average production costs of $88,000 against a $69,200 market price. Rising energy costs from geopolitical tensions have caused hashrate drops and a 7.76% difficulty decline. Many miners are diversifying into AI and high-performance computing to mitigate losses as forced liquidations continue to impact the market structure.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News193 pts
The age of Pump and Dump software
09Tuesday, January 27, 2026

The age of Pump and Dump software

The emergence of 'Pump and Dump Software' represents a cynical convergence of generative AI and cryptocurrency scams. Following the 2025 boom in 'vibe coding'—where large language models allow individuals to generate massive amounts of code without deep technical understanding—a new fraudulent pattern has emerged. Developers create unmaintainable, AI-generated software blobs at a high token cost, then partner with crypto entities to launch associated shitcoins. Through aggressive astroturfing and FOMO-driven marketing, they lure unsuspecting users and investors before liquidating the currency and abandoning the project. This cycle exploits the rapid pace of the tech industry, leaving users with broken tools and investors with worthless tokens. Projects like 'gastown' and Clawdbot are cited as examples of this deceptive trend, highlighting the need for critical evaluation of hyped AI tools.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News178 pts
War prediction markets are a national-security threat
10Saturday, March 7, 2026

War prediction markets are a national-security threat

Prediction markets like Polymarket are emerging as significant national security risks. Suspiciously timed bets preceded military strikes in Iran and Venezuela, suggesting potential insider trading by individuals with classified knowledge. While these platforms offer forecasting signals, they also allow adversaries to anticipate secret operations, potentially leading to retaliation or Compromised military objectives through financial incentives.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News176 pts
Bitcoin and quantum computing
11Friday, April 3, 2026

Bitcoin and quantum computing

A cryptographically-relevant quantum computer (CRQC) poses an existential threat to Bitcoin by breaking current signature schemes. While the exact timeline is uncertain, the risk necessitates proactive planning. The upgrade requires complex consensus changes, wallet migrations, and ecosystem coordination. Experts argue that prioritizing post-quantum cryptographic development is essential for Bitcoin's long-term survival and security.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News142 pts
Y Combinator will let founders receive funds in stablecoins
12Tuesday, February 3, 2026

Y Combinator will let founders receive funds in stablecoins

Y Combinator, the world-renowned startup incubator, has announced a significant shift in its funding strategy by offering its spring cohort the option to receive their $500,000 investment in USDC, a stablecoin issued by Circle. This move, led by visiting partner Nemil Dalal, reflects a growing commitment to on-chain capital raising and the broader crypto ecosystem. Founders can choose to receive these tokens across multiple blockchains, including Ethereum and Solana. Despite the current volatility in the broader cryptocurrency market, stablecoins are increasingly viewed as essential financial infrastructure for modern startups. This transition aligns with major industry moves, such as Stripe's acquisition of Bridge and interest from tech giants like Cloudflare. Y Combinator aims to institutionalize stablecoin use for its operational speed and lower transaction costs, signaling a future where blockchain-based funding becomes standard for tech entrepreneurs globally.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News137 pts
HardenedBSD Is Now Officially on Radicle
13Sunday, April 26, 2026

HardenedBSD Is Now Officially on Radicle

HardenedBSD has begun migrating its code repositories to Radicle, a decentralized code collaboration platform. While core functionality is operational, including basic ports tree integration, the project is still addressing performance tuning for large repositories. Users can now seed and clone official HardenedBSD repositories from their dedicated node infrastructure.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News134 pts
Fil-Qt: A Qt Base build with Fil-C experience
14Monday, January 19, 2026

Fil-Qt: A Qt Base build with Fil-C experience

The fil-qt repository is a specialized C++ framework tailored for local development workflows within the Filecoin ecosystem. It leverages the Qt framework to provide a cross-platform graphical user interface for managing Filecoin actors and network interactions. Key features include tools for visualizing state transitions, debugging smart contracts, and streamlining the deployment process for developers working on the Filecoin Virtual Machine (FVM). By integrating these technical components, the project aims to lower the barrier to entry for building decentralized applications and maintaining robust nodes in a local testing environment.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News126 pts
Who Owns Your ATProto Identity? Hint: It's Probably Not You
15Sunday, June 21, 2026

Who Owns Your ATProto Identity? Hint: It's Probably Not You

The ATProto architecture faces a critical security vulnerability because Personal Data Server (PDS) operators hold user signing and rotation keys. This allows operators to impersonate users across the entire ecosystem or lock them out entirely. To improve sovereignty, users should be prompted to enroll self-controlled rotation keys by default to mitigate trust-based centralization risks.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News114 pts
NLnet announces funding for 67 more open-source projects
16Tuesday, June 16, 2026

NLnet announces funding for 67 more open-source projects

The Next Generation Internet (NGI) initiative has awarded grants to 67 open-source projects. These initiatives span the entire technology stack, from secure hardware and privacy-preserving payment systems to decentralized communication tools and AI. Funded by the European Commission, these projects aim to promote digital autonomy, human-centered internet standards, and a resilient, open information infrastructure.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News100 pts
The Resolv hack: How one compromised key printed $23M
17Sunday, March 22, 2026

The Resolv hack: How one compromised key printed $23M

The Resolv DeFi protocol lost $25 million after attackers compromised their AWS KMS environment to access privileged signing keys. By exploiting this off-chain weakness, hackers bypassed smart contract logic to mint 80 million unbacked USR tokens. This incident highlights the critical need for real-time, on-chain threat detection to safeguard against vulnerabilities in off-chain infrastructure.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Hacker News100 pts
sneakerweb
18Monday, July 6, 2026

sneakerweb

Sneakerweb is a permissionless, peer-to-peer web publishing protocol that replaces DNS and traditional hosting with physical storage media. By using the Willow protocol, it ensures data integrity and enables offline browsing and sharing via .snk files. Users manage content through a dedicated CLI, allowing for local storage, publishing, and synchronization without centralized infrastructure.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Lobsters83 pts
100 Daily Challenges to Learn Web3 and Solana
19Friday, April 17, 2026

100 Daily Challenges to Learn Web3 and Solana

The 100 Days of Solana program is a free, structured challenge designed to help developers transition from Web3 curiosity to building live applications. Through weekly thematic arcs and collaborative community support on Discord, participants learn to build, ship, and explore the Solana ecosystem, benefiting from its fast, low-cost transaction environment.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Dev.to79 pts
H&R Block tax software installs a TLS root certificate with bundled private key
20Friday, March 20, 2026

H&R Block tax software installs a TLS root certificate with bundled private key

Users of H&R Block Business 2025 software are warned of a critical security vulnerability. The application installs a rogue root certificate with an accessible private key, exposing systems to potent Man-in-the-Middle attacks. The certificate persists after uninstallation, and H&R Block has failed to remediate the issue despite internal awareness.

Summaries are AI-generated to help you scan faster. Open the original source for full context.

Sources:Lobsters44 pts

Get a Blockchain digest by email

Create a Snapbyte.dev digest and choose Blockchain as one of your topics.

Snapbyte workflow

Build a digest around your developer updates

Choose topics, sources, language, schedule, and timezone. Snapbyte turns that setup into a focused digest with summaries and original links.