Binance CEO Changpeng Zhao stated that user funds are "SAFU" after a Trust Wallet browser extension exploit enabled attackers to steal $7 million in crypto. The incident involved Version 2.68 of the desktop extension, and Trust Wallet has issued Version 2.69 to patch the vulnerability. On-chain data shows roughly $2.8 million remains in attacker addresses, while more than $4 million has been routed through centralized exchanges.

Trust Wallet reported a security issue affecting its browser extension v2.68 on December 25 and urged users to disable it and update to v2.69. Hundreds of accounts saw unauthorized outflows totaling over $6 million across SOL, BTC, and EVM tokens. Funds moved through multiple addresses, while mobile-only users were not affected.

The Bank of Lithuania set December 31, 2025 as the cutoff for crypto asset service providers to obtain MiCA licenses, with unlicensed operations to stop from January 1, 2026. Roughly 370 entities are affected, yet only about 30 have applied so far, and non-compliance may bring fines and up to 4 years' imprisonment.

A vulnerability in Trust Wallet's browser extension version 2.68 led to nearly $6 million in crypto losses across Bitcoin, Ethereum, and Solana on December 24–25, 2025. Trust Wallet has confirmed the issue, urged users to stop using v2.68, and instructed them to upgrade to version 2.69 while its team investigates and contacts affected users.

On Dec. 24, XRPL Labs lead software engineer Denis Angell announced that the XRP Ledger’s AlphaNet has integrated post-quantum cryptography and native smart contracts. The upgrade replaces elliptic curve signatures with the NIST-standardized ML-DSA (CRYSTALS-Dilithium) scheme, introducing Quantum Accounts, Transactions, and Consensus while significantly increasing signature size to about 2,420 bytes. Alongside enhanced quantum resistance, the update brings base-layer smart contract capabilities designed to expand XRPL’s DeFi ecosystem beyond payments.

On 25 December, blockchain investigator ZachXBT and other researchers raised security concerns about a recent Trust Wallet browser extension update. They allege that new code added on 24 December may exfiltrate seed phrases and wallet data to a spoofed domain, with users reporting rapid fund drains exceeding $2 million. The reports suggest a potential supply-chain compromise limited to the browser extension, while Trust Wallet has not yet issued any public response.

Pudgy Penguins ran animated visuals across the Las Vegas Sphere’s exterior, with the display going live on Christmas Eve, according to a post on X. The 2021-founded NFT project, acquired by Luca Netz in April 2022 for $2.5 million in Ether, has broadened into physical toys alongside digital collectibles.

Changpeng Zhao has called for coordinated industry measures to combat address poisoning scams after a trader lost about $50 million in USDT in a single phishing incident. He is pushing for wallet-level spam filters, blacklists, and warnings, as security firms highlight rising dusting attacks and broader crypto fraud losses running into tens of billions of dollars.