Hacken’s Q1 2026 security snapshot tallies $464.5 million in losses across 43 Web3 incidents, underscoring a shift in where attackers hit and how damage accumulates. The report highlights phishing and social-engineering campaigns as the dominant threat, totaling $306 million in losses for the quarter. A separate, highly disruptive incident—a $282 million hardware-wallet scam in January—was responsible for 81% of the quarter’s damage, according to Hacken. Smart-contract exploits reached $86.2 million, while access-control failures, including compromised keys and cloud-service breaches, accounted for $71.9 million. The quarter stands as the second-lowest first quarter since 2023, helped by the absence of a Bybit-scale mega hack that drove much of the year-ago decline.

Hacken’s chief executive and co-founder, Yev Broshevan, emphasized a notable trend: the costliest failures increasingly occur outside the code itself. “The most expensive failures happen outside the code layer entirely,” he told Cointelegraph, pointing to real-world weaknesses in operational and infrastructure layers that traditional code audits often miss.

For context, Hacken’s review arrives as regulators and institutional players sharpen expectations around security. The report notes that regulatory regimes such as the European Union’s Markets in Crypto-Assets Regulation (MiCA) and the Digital Operational Resilience Act (DORA) are moving from framework to enforcement, while regulators in the UAE, Singapore, and Dubai’s regulator, among others, tighten oversight and incident-response requirements. These shifts are shaping what Hacken calls “regulator-ready” security stacks that demand continuous monitoring and rapid containment measures.

Key takeaways

• $464.5 million in losses across 43 incidents in Q1 2026, with phishing/social engineering driving $306 million of that total. A single January incident of $282 million hardware-wallet theft accounted for a large share of the quarter’s damage.
• Smart-contract exploits totaled $86.2 million, while $71.9 million stemmed from access-control and compromised-key or cloud-service failures.
• The quarter marks the second-lowest first quarter since 2023, aided by the absence of a mega hack on the scale of Bybit’s 2025 incident.
• Attack patterns are shifting toward operational and infrastructure risk, reinforcing the view that audits of on-chain code alone are insufficient to measure a protocol’s security posture.
• Regulators are tightening expectations. MiCA, DORA, Dubai’s VARA, Singapore’s Basel-aligned requirements, and the UAE’s Capital Market Authority push for stronger incident reporting, continuous monitoring, and defined response timelines.

Operational risk dominates the early 2026 landscape

The Hacken analysis stresses a transition in the vulnerability ledger from purely on-chain code issues to failures rooted in operations and infrastructure. The most expensive losses, the report suggests, arise from misconfigurations, compromised credentials, and weak third-party integrations rather than only from bugged smart contracts. This is consistent with a broader industry message: a robust security program must cover people, processes, and technology in parallel with code audits.

Hacken’s interview with Broshevan reinforces this view: the most consequential incidents tend to emerge from non-contract layers, such as identity and access management, cloud configurations, and supply-chain dependencies. The result is a security problem that requires defense-in-depth measures that extend beyond formal audits of deployed code.

Legacy code and multi-year vulnerabilities persist

Even as the industry grapples with modern attack vectors, the report highlights several high-cost incidents rooted in legacy deployments or well-known vulnerability patterns. Notably, a $26.4 million loss at Truebit stemmed from a Solidity contract bug deployed roughly five years ago. Venus Protocol faced a donation-style attack that exploited long-standing patterns around contract governance. In another example, a $40 million loss occurred via a North Korea-linked fake venture-capital outreach targeting Step Finance, illustrating how social-engineering campaigns still deliver significant damage.

In parallel, Resolv Labs experienced a compromise of its AWS key-management service, illustrating how access-control failures can underpin large losses even when the code itself isn’t the root cause. Hacken’s incident mapping also flags the broader “playbook” that attackers used in 2025—fake VC outreach, malicious video-call tooling, and endpoint compromises—that reportedly contributed to roughly $2.04 billion in sector-wide losses that year.

Beyond these marquee cases, six audited projects—among them Resolv (18 audits) and Venus (five auditing firms)—accounted for $37.7 million in losses. The data hints at a nuanced relationship between audit activity and loss exposure: higher-value protocols with more assets at stake may attract more sophisticated attackers, even if audited.

Audits, TVL, and the resilience gap

The finding that six audited projects were responsible for millions in losses despite having undergone multiple audits raises a practical question for builders: does audit severity or frequency translate into real-world risk reduction? Hacken notes that these audited protocols typically carry higher total value locked (TVL), which equates to bigger prize pools for attackers. In other words, audits alone may not solve the complex, multi-layer risk profile faced by high-TVL projects, underscoring the need for continuous security monitoring and layered defenses.

Regulatory tightening and the move toward “regulator-ready” security

The quarter’s regulatory backdrop reinforces the story that security is becoming a market and a compliance issue. MiCA and DORA are moving deeper into enforcement, with regional regulators increasing expectations for ongoing security practices. In Dubai, the Virtual Assets Regulatory Authority tightened its Technology and Information Rulebook, while Singapore has enforced Basel-aligned capital and rapid incident-notification timelines. The UAE’s new Capital Market Authority has assumed broader digital-asset oversight with stiffer penalties. Hacken frames these developments as a call to operators to demonstrate constant security readiness, not just to pass a one-off audit.

As part of this shift, Hacken advocates a concrete framework for “regulator-ready” security architectures. The blueprint includes:

• Proof-of-reserves attestations backed by daily internal reconciliation;
• 24/7 on-chain monitoring across treasury wallets and privileged roles;
• Automated circuit-breakers for minting and governance actions;
• Incident notification clocks calibrated to the strictest applicable standard.

Hacken also references a spectrum of response-time targets, distinguishing between “realistic” and “aspirational” goals. Realistic aims include awareness within 24 hours, labeling within four hours, and blocking within 30 seconds. Aspirational targets envision detection within 10 minutes and a 1-second block, drawing on data from Global Ledger’s 2025 Laundering Race. While ambitious, these benchmarks outline concrete steps for projects seeking to align with regulator expectations and institutional counterparties.

Threat actors, playbooks, and the evolving risk landscape

The report keeps returning to the human factor: North Korean actor clusters are identified as the most consistent operational threat in Q1 2026. The combination of social-engineering campaigns, fake professional outreach, and compromised employee endpoints continues to provide a reliable pathway to large losses. The Step Finance case and the Bitrefill-related infrastructure breach illustrate a broader pattern where attackers blend social manipulation with technical exploitation to extract value, often targeting high-value protocols with sophisticated tooling.

For investors, developers, and operators, the takeaway is clear: a successful‑looking deployment with strong smart contracts can still be undermined by weak operational practices, poor key management, or insufficient incident response readiness. The evolving threat landscape demands a multi-layered security approach, ongoing monitoring, and a clear plan for rapid containment—precisely what regulators are now pushing as non-negotiable standards. For builders, this means integrating security into product design from day one and maintaining a culture of continuous testing, diligence, and resilience.

Further reading and related reporting reinforce the broader context: industry-wide security incidents in early 2026 came with a cautionary reminder that DeFi risk resides not just in code but in how projects operate, govern, and respond under pressure. As enforcement tightens and security expectations rise, market participants will be watched not just for audits and audits’ results, but for visible, verifiable resilience across people, processes, and technologies.

Looking ahead, observers will be watching whether Q2 2026 echoes the Q1 trend toward infrastructure and operational risks or whether new defenses and policy measures begin to close the gap. The balance between code quality, operational hygiene, and regulatory compliance will determine how quickly the ecosystem can move toward a posture that can withstand both sophisticated attacks and tougher supervisory regimes.

Senhwa Biosciences, a clinical-stage biopharmaceutical company based in Taiwan, has entered a partnership with a global investment group to accelerate its artificial intelligence-related drug development.

According to an April 14 report, Senhwa Biosciences has signed a Memorandum of Understanding (MOU) with GEM Yield Bahamas Limited, an affiliate of Global Emerging Markets, where the latter will provide up to $16 million in capital to support Senhwa’s strategic growth.

These include the advancement of its clinical pipeline, the expansion of its oncology programs, and the scaling of its machine learning discovery platform.

Besides focusing on cancer research, the firm has been looking into innovative ways to interpret complex biological datasets. After leveraging its connections with Y Combinator, it collaborated with the biotech firm CellType to implement next-generation cell-to-sentence technology.

This system has led researchers to identify actionable insights more quickly, allowing for a more structured approach to finding combination treatments for various malignancies.

The AI-enabled validation process has shown that Senhwa’s lead compounds can effectively modulate immune responses within the tumor microenvironment.

It reinforces its cold-to-hot tumor strategy and thus enables Senhwa to stand out as a leader in the immuno-oncology 2.0 field. This comes as AI-assisted drug discovery becomes a standard for modern medicine. For instance, the ability to predict how a drug interacts with a resistant tumor can significantly shorten the time required for clinical trials.

As per Senhwa, the strategic funding will enable it to move its clinical trials forward alongside its technological expansion. This would significantly strengthen the company’s position in the global biopharmaceutical market.

At the same time, the partnership will likely open new doors for international collaborations and future commercialization.

Key Takeaways

• Oklo (OKLO) shares advanced 7.2% Monday, finishing at $53.85 with approximately 8.29 million shares changing hands
• Wall Street maintains a “Moderate Buy” consensus with an $84.30 average price target, despite recent downgrades from UBS, Citi, and B. Riley
• The company’s Q4 earnings per share came in at −$0.27, falling short of analyst expectations of −$0.17
• Company insiders offloaded more than 818,000 shares valued at approximately $50.9 million during the past quarter
• The company plans to bring its inaugural Aurora reactor online in Idaho by 2027, projecting revenues of $36 million by 2028

Shares of Oklo (OKLO) surged 7.2% during Monday’s trading session, settling at $53.85. The stock peaked at $53.96 intraday, representing a solid gain from Friday’s closing price of $50.25. Approximately 8.29 million shares traded hands, falling roughly 17% short of the stock’s typical daily volume of 10 million.

Oklo Inc., OKLO

The upward movement occurs as nuclear energy equities maintain investor attention, fueled by escalating electricity demands from artificial intelligence operations and data center expansion.

Oklo’s current valuation stands at approximately $9.35 billion. The stock trades significantly below its 50-day moving average of $60.16 and its 200-day moving average of $89.90.

Wall Street Analysts Lower Price Expectations

Analyst sentiment toward Oklo has moderated somewhat over recent weeks. UBS slashed its price objective from $95 down to $60 while maintaining a “neutral” stance. Citi reduced its target from $95 to $73.50, also with a “neutral” rating. B. Riley lowered expectations from $129 to $92 while retaining a “buy” recommendation.

Cantor Fitzgerald maintained its “overweight” position with a $122 price objective. Wedbush similarly preserved its “outperform” assessment.

The overall Wall Street consensus stands at “Moderate Buy” with an $84.30 average price target. While this remains substantially above current trading levels, analyst expectations have been trending downward.

Among 19 analysts tracking the stock, two assign a Strong Buy rating, nine recommend Buy, six suggest Hold, and two advise Sell.

Regarding financial performance, Oklo posted a quarterly loss of $0.27 per share, underperforming analyst projections of −$0.17 by $0.10. Wall Street forecasts a full-year loss of −$8.20 per share for the current fiscal year.

Company Executives Unload Significant Stock Holdings

Insider transactions have increased notably. CFO Richard Craig Bealmear divested 16,342 shares on April 1st at $51.08 per share, generating proceeds of approximately $834,749. This transaction decreased his holdings by about 4%.

William Carroll Murphy Goodwin, another insider, sold 2,820 shares in March at $56.69 each, reducing his position by approximately 15%.

Collectively, company insiders have sold 818,766 shares valued at roughly $50.9 million throughout the previous quarter. Despite these sales, insiders maintain 18.9% ownership, while institutional investors control 85.03%.

Oklo’s Aurora microreactor technology delivers 1.5 MW of power independently and can expand to 75 MW per installation. The platform is designed for remote and off-grid applications, utilizing metallic uranium fuel capable of operating approximately ten years between refuelings.

The company currently generates minimal revenue. Its inaugural 75 MW Aurora Powerhouse reactor deployment in Idaho is scheduled for 2027. Additionally, Oklo secured a U.S. Department of Defense agreement to construct a reactor at Eielson Air Force Base in Alaska.

Revenue projections show growth from less than $1 million in 2026 to $36 million by 2028.

Key takeaways

• BTC is approaching $75,000 after adding nearly 5% to its value since Monday.
• The rally comes despite the ongoing crisis in the Middle East.

Bitcoin (BTC) has stabilized above $74,000 as of Tuesday’s press time, following a 5% rally the previous day. This price surge comes as the US enforces a blockade on the Strait of Hormuz during ongoing peace talks with Iran. US Vice President JD Vance hints at a grand deal in the works, demanding an end to Iran’s nuclear ambitions.

Market sentiment recovers with $500M in liquidations

The broader cryptocurrency market is seeing a recovery, with over $500 million in liquidations across the last 24 hours, primarily driven by short squeezes. Aave (AAVE), Algorand (ALGO), and Ethereum (ETH) are leading the charge in the market’s upward momentum.

As negotiations between the US and Iran progress, the US military has started blocking the Strait of Hormuz, halting the movement of transiting ships. Vice President JD Vance emphasized that the situation is now in Iran’s hands, with the primary focus of US talks being Iran’s nuclear material exit and halting uranium enrichment. Former President Donald Trump also commented that “the other side” has approached him for a deal.

The peace talks appear to be fueling a “risk-on” sentiment, especially in the cryptocurrency market. According to CoinGlass data, the last 24 hours saw $531 million in liquidations, with $426 million attributed to short liquidations. This massive short squeeze indicates a major bearish wipeout.

Bitcoin is approaching key resistance levels

The BTC/USD 4-hour chart remains bearish and efficient despite the recent rally. Bitcoin remains in a neutral-to-bullish trend, holding above its 50-day Exponential Moving Average (EMA) at $71,019. However, it is still capped below the 100-day EMA at $75,309.

Immediate resistance lies near the 100-day EMA and the 23.6% Fibonacci retracement level at $75,623, from a previous downtrend spanning $126,199 to $60,000. A daily close above this range would signal potential upward movement, with the next target being the 200-day EMA at $82,936, followed by the 50% Fibonacci retracement at $93,099.

Market momentum is favoring the bulls, with the Relative Strength Index (RSI) at around 62 and the Moving Average Convergence Divergence (MACD) in positive territory, both suggesting upward pressure is gaining traction.

On the downside, Bitcoin’s initial support is found at the 50-day EMA around $71,019. A break below this support could weaken the current bullish momentum and push the price lower, potentially testing the Fibonacci support level near $60,000.

Stretch (STRC), the perpetual preferred security sold by Strategy (MSTR) to fund its bitcoin BTC$74,662.03 purchases, posted record trading volume on Monday, funding the biggest single-day buying splurge through the company’s at-the-market (ATM) program.

The world’s largest publicly traded bitcoin holder is estimated to have added 7,800 BTC, according STRC.live, as STRC volume surged to $1.16 billion, more than four times the 30-day average of $278 million.

This comes after Strategy purchased $1 billion worth of bitcoin last week, funded entirely by STRC, which offers an 11.5% annual dividend, paid monthly in cash. The stock maintained its $100 par value throughout the entire trading session.

Historically, the trading day preceding the ex-dividend date, the cutoff date after which new buyers are no longer entitled to the next dividend payment, tends to see the highest trading volume. That’s Wednesday, so it’s possible trading on Tuesday may be even higher than Monday’s record.

STRC now has a market capitalization of $6.4 billion, exceeding the combined market cap of the company’s other preferred securities, including STRD at $1.1 billion, STRK at $1 billion, and STRF at $1.2 billion, according to the MSTR dashboard.

The common stock rose 2.9% on Monday and was 3.7% higher in pre-market trading.

Read More: The one metric investors are overlooking in Michael Saylor’s Strategy

Key takeaways

• Hyperliquid is up 8% in the last 24 hours, maintaining its position in the top 10.
• The coin could rally towards the $50 psychological level if the bullish sentiment persists.

Hyperliquid (HYPE) continues its upward momentum, trading above $44 as of Tuesday after an 8% surge on the previous day. With strengthening on-chain data, favorable derivatives metrics, and technical analysis pointing to further gains, the outlook for HYPE remains bullish, with a target of $50 in sight.

Bullish Sentiment Backed by On-Chain and Derivatives Metrics

On-chain data from CryptoQuant suggests a strong buy-side dominance in both Hyperliquid’s spot and futures markets, with cooling conditions indicating a favorable environment for a potential price rise. The market shows mostly neutral conditions across other metrics, reinforcing the possibility of an upside move.

On the derivatives front, CoinGlass data reveals that HYPE’s futures Open Interest (OI) has surged to $1.96 billion on Tuesday, up from $1.5 billion on April 3. This steady rise in OI points to new capital entering the market, which could propel HYPE’s price higher. This is the highest level of futures OI seen since early November.

Moreover, CoinGlass’ long-to-short ratio for HYPE stands at 1.04, signaling a predominantly bullish sentiment in the market, as more traders expect the price to rally.

Price Forecast: HYPE bulls target $50

The HYPE/USD 4-hour chart is extremely bullish and efficient. HYPE’s price has extended its gains, surpassing the March high of $43.75 and reaching above $44 on Tuesday. If the upward trend continues, HYPE could target the October 30 high of $50.15.

The Relative Strength Index (RSI) on the daily chart is currently at 69, indicating strong bullish momentum as it moves toward overbought territory. Additionally, the Moving Average Convergence Divergence (MACD) indicator recently showed a bullish crossover on April 10, further supporting a positive outlook for HYPE.

Should HYPE experience a pullback, it could find support near the psychological $40 level. However, the prevailing market conditions suggest a strong potential for further upside, with $50 being the next major resistance.

UK Liberal Democrats have urged the Financial Conduct Authority (FCA) to investigate Nigel Farage’s ties to Bitcoin treasury company Stack BTC after it disclosed a 37 Bitcoin purchase and published promotional material featuring the Reform UK leader, who is also a shareholder.

In a letter to the FCA, Liberal Democrat deputy leader Daisy Cooper asked the regulator to investigate whether Farage breached market rules by appearing in a promotional video for Stack BTC while holding a financial stake in the company.

“The FCA must investigate whether Farage’s plans to cash in on Crypto could potentially amount to market abuse and a conflict of interest,” she wrote, adding that “we cannot allow political leaders to treat the financial markets like a personal piggy bank to potentially line their own pockets.”

Stack BTC said Monday that it purchased 37 Bitcoin (BTC) for roughly $2.7 million as part of its treasury strategy. In a video tied to the purchase, Farage said that a Bitcoin treasury company cannot exist without holding Bitcoin.

The scrutiny adds to questions over the intersection of crypto and UK politics as Farage deepens his involvement with Stack BTC and lawmakers push for tighter rules on digital asset donations to political parties. An FCA spokesperson told Cointelegraph that they will “review the letter and respond directly.”

Cointelegraph reached out to Stack BTC for comment, but had not received a response by publication.

Related: UK sanctions $20B scam market by cutting ‘legitimate’ crypto ties

Farage deepens ties to Stack BTC

Farage, leader of Reform UK, has recently deepened his relationship with Stack BTC. In March, he disclosed a $286,000 equity investment in the company, acquiring a 6.31% stake in the company through his media vehicle Thorn In The Side.

Stack BTC, chaired by former UK Chancellor Kwasi Kwarteng, holds over 68 BTC purchased at an average cost of $72,400 per coin, according to its website.

Cooper’s letter also references the record 9 million British pounds (about $12 million) donation to Reform UK from early crypto investor Christopher Harborne and Farage’s push for crypto-friendly policies.

“Taken together, these facts beg the question whether Mr Farage is promoting cryptocurrencies through his political platform in order to inflate crypto values for his own financial benefit, as well as that of his party and his inner circle of donors,” she wrote.

Related: UK lawmakers seek moratorium on crypto donations to political parties

UK moves to ban crypto political donations

Last month, the Rycroft Review recommended a moratorium on cryptocurrency donations to political parties, warning they could open the door to foreign financial interference in UK elections. The UK government moved forward with the proposal, with Prime Minister Keir Starmer stating the government will impose a temporary ban on crypto donations until stronger safeguards are in place.

Several members of parliament, including the chair of the security committee, have been pushing for a full ban this year.

Magazine: How crypto laws changed in 2025 — and how they’ll change in 2026