Drift Protocol says Insurance Fund deposits were not impacted by the exploit and can still be withdrawn after relaunch.

This crypto whale out maneuver have been drawing green arrows in the derivatives and onchain trading markets this week after transferring tens of millions of dollars from binance to aggressively accumulate exposure to HYPE tokens. On-chain data showed that 0x92ea withdrew about $40 million of USDC from Binance and sent $10 million USDC to Hyperliquid. Once deposited, the wallet instantly started buying HYPE tokens. Onchain data suggests the whale has purchased more than 22,700 HYPE worth approximately $1.16 million, and purchases are still ongoing. This swift buildup captured the attention of market participants monitoring large capital flows between perpetual and spot markets. Some market experts have tentatively connected this wallet to cryptocurrency trader Garrett Bullish according to similar behavioral patterns identified in earlier trades. While there has been no official confirmation of the person behind the wallet, many crypto trading communities have speculated wildly. A mysterious whale (0x92ea) withdrew 40M $USDC from #Binance , then deposited 10M $USDC into Hyperliquid to buy $HYPE . So far, the whale has bought 22,700 $HYPE ($1.16M), and the purchase is still ongoing. https://t.co/59gh6mbFfV pic.twitter.com/yX3HP37w2E — Lookonchain (@lookonchain) May 20, 2026 Hyperliquid Also Keeps Attracting Big Traders This also marks an important close for Hyperliquid and its evolution as a large-scale onchain derivatives trading venue. The platform has particularly attracted high-volume traders in the last year, targeting those who want decentralized perpetual futures infrastructure complete with far deeper liquidity and better performance than using centralized competitors. It has grown increasingly popular among institutional players due to its rapid execution speeds and growing market depth. Here, the whale not just stacked spot HYPE bag but even allegedly a long strategy based on TWAP at the token level. TWAP, or Time-Weighted Average Price is a method common in used by institutional traders under whose orders are split across time acquire minimal slippage on average. The Onchain data indicates that the wallet acquired nearly 21,300 HYPE for an average cost of around $49.96 before opening a considerably larger TWAP long position amounting to about 90,400 HYPE at a net average entry price of $50.60. This size and speed of exorbitant accumulation has led to speculation that the trader expects even further price appreciation in HYPE, especially as Hyperliquid’s presence continues to deepen in decentralized derivatives trading. Market Speculations on Whale Accumulation The largest transactions that occur in crypto markets draw greater attention than others, typically indicative of shifts in institutional tone or diligent foresight ahead of major developments. The most obvious of these was the quickly realized $40 million positioned post withdrawal from Binance into HYPE exposure. Traders have followed closely whether the wallet will increase its position further. Market sentiment is often moved by whales, with ecosystem-native tokens that have direct correlations to platform growth being particularly impacted. HYPE is the native token of Hyperliquid, so growing trading activity on the platform will also directly expand demand dynamics behind the asset. This heavy absorption comes as this competition intensifies between protocol liquidity and centralized exchanges looking to attract liquidity/users. Deep liquidity and professional trading strategies are drawing migration towards platforms positioning as credible alternatives in the derivatives space. The whale’s moves are viewed not only as a directional bet on HYPE but also an implicit endorsement of Hyperliquid’s long-term possible future growth within decentralized finance, according to many market participants. Onchain Transparency Is Changing The Story Of Trading The ability to track large wallet movements effectively in near real-time is still one of the hallmarks of crypto markets. While institutional positioning remained murky for months in traditional financial markets, blockchain infrastructures allow keen observers to see capital flows, exchange withdrawals and trading behavior nearly instantly. This transparency often transforms whale activity into a narrative source that can impact general sentiment across the entire market. This is a direct consequence of the recent HYPE increasing wallet that became one of the most talked-about wallets on chain and by crypto traders as soon as those transactions were out in the wild for all to see. This enabled users to follow the order in which Binance withdrawals were conducted, along with the deposits into Hyperliquid and trading that subsequently took place, almost immediately after each transaction was conducted through blockchain explorers and monitoring tools. But this level of visibility also encourages speculation. After big wallets are seen accumulating, retail traders often try to front-run impending momentum or read whale activity as insiders betting on ‘where the market is going in the future. That tension has become particularly acute within the ecosystems of decentralized finance, where blockchain transparency turns capital movements into price-moving signals in their own right. The Ecosystem Momentum of Hyperliquid Continues to Grow The whale accumulation occurred alongside a time of surging demand for Hyperliquid itself and the decentralized derivatives industry as a whole. In this environment, decentralized perpetual exchanges have gained momentum as traders seek alternatives that provide self-custody and onchain transparency, along with diminished reliance on centralized intermediaries. Hyperliquid is quickly establishing itself as one of the leading performance-first decentralized trading protocols with an increasingly deep liquidity pool. The HYPE token, ecosystem-native tokens in general, tend to be highly correlated with trading volume on the platform they serve and levels of user engagement and speculative interest surrounding future growth. This surge in whale activity further emphasizes a trend of large-scale traders investing significant capital directly into decentralized trading ecosystems rather than relying entirely on centralization. Whether this build up indicates short term trading or long-term conviction, it has already brought a laser focus on Hyperliquid and HYPE in the market. Traders across the crypto market are now closely watching to see if the whale continues to put more capital into these assets and whether other large players enter back in and engage with the ecosystem. Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services. Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news !

Stablecoin settlement growth increasingly strengthened institutional interest in regulated blockchain infrastructure.

A new cybersecurity breach rocked the developer community tonight, as hacker collective TeamPCP claims to have exfiltrated the source code from around 4,000 internal private repositories within GitHub. The group is actively advertising this dataset on dark web forums with a price tag of $50,000 and includes sample files as proof of the breach to entice potential customers. The hackers, however, go on to condition that without the sale of this database to any buyer, they will release the entire dataset for free, ratcheting up pressure on GitHub and its worldwide customers. The extent of the breach, as well as details about the internal repositories implicated in it, are a source of widespread concern among developers, enterprises and security analysts. The information of early leaks hints that the data might include sensitive internal tools, proprietary systems as well as vital infrastructure elements found in GitHub. The situation is still developing as more details emerge. MistEye TI Alert Based on recent intelligence, multiple high-frequency npm packages, including AntV and Echarts-for-react, as well as the durabletask Python SDK, have been compromised by Mini Shai-Hulud supply chain attacks. Notably: 1. May 19, 2026: The npm account atool… pic.twitter.com/MKytsmFiy7 — SlowMist (@SlowMist_Team) May 20, 2026 GitHub Confirms The Hacked and Now Investigating The incident was reported by GitHub itself, which has confirmed that an investigation is underway into what it refers to as “unauthorized access to internal repositories.” The breach has been detected within minutes and containment measures have already been applied, the company stated. In a detailed update, GitHub has blamed the attack on an employee device where compromised versions of Visual Studio Code extensions were installed. The attack vector was the compromised plugin, allowing intruders to penetrate internal networks before gaining access to such repositories. GitHub comments that while investigations are still ongoing, it seems to have confined the breach to internal repositories, and has not yet had any impact on private customer repos. Regardless, the device is isolated, malicious extension uninstalled and a complete incident response workflow has taken place. 1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version,… — GitHub (@github) May 20, 2026 Entry point identified: Poisoned VS Code extension A compromised VS Code extension, one of the most common types of attack vector nowadays on development environments, is at the heart of this breach. The extensions are often installed for developer productivity purposes, but can pose a considerable risk if they include malicious code. The extension is used as a backdoor which gives these attackers access to the employee’s workstation. From there, they traversed laterally through GitHub’s internal network and spent months retrieving data from various repositories before the incursion was noticed. This is one of the most important growing weaknesses in software supply chains; trusted tools can turn into an attack vector if malignant actors hijack them. Plugins and integrations are the favorite go-to, delivery mechanism for developers along with organizations without much security vetting. It is a reminder that even widely-trusted platforms, with extensive security measures in place, GitHub, for one, can be vulnerable to attacks through less-obvious points of entry. Thousands Of Internal Repositories Might Be Exposed The number of repositories the attacker claims was accessed, about 3,800, corresponds roughly with an internal GitHub investigation into the hacked accounts, although the company has not confirmed that number publicly. It acknowledges that a considerable amount of internal data could have been breached and exfiltrated. The repositories in question are believed to house installations of major assets, such as source code for internal systems and development tools, as well frameworks supporting GitHub’s services that need to be kept secret. If the claims are proven correct, exposure could deal a heavy blow to GitHub and the wider developer ecosystem that relies on its infrastructure. Security professionals warn that once attackers gain partial access to an internal repo, it can provide nefarious users increased context and understanding of how the system is designed, which may even aid them in crafting a more limited and effective exploit later. The hacker group TeamPCP claims to have obtained the source code of around 4,000 internal private repositories from GitHub, and is now offering the data for sale on underground forums for $50K, with sample verification available. If no buyer emerges, the dataset may later be… https://t.co/D4dNMnHXrw — GoPlus Security (@GoPlusSecurity) May 20, 2026 Security Experts Warn About AI-Assisted Breach Techniques Compounding the difficulty of the incident, 23pds, chief information security officer at SlowMist has suggested that attackers may have used advanced AI tools to plan the breach. In particular, there are indications that Anthropic’s Mythos security AI was used to search the depths for holes and refine this attack. Instead of an opportunistic attack, this view of the breach renders it a calculated operation by context-focused reconnaissance and AI-optimized execution. If confirmed, this would constitute a significant increase in the sophistication of cyberassaults. These fears are compounded by the fact that expectations of a continued secure vaulting and protection of assets such as Copilot source code, CodeQL algorithms, and GitHub Actions runtime, core building blocks for modern software development may not develop. Which enables systemic threats as a result of their compromise. 我们 @SlowMist_Team 刚刚分析网络犯罪论坛的爆料,黑客可能用Anthropic 的Mythos 安全AI,用它精准突破 GitHub 的防线,偷走约4000个核心内部仓库： 里面有Copilot的源码、CodeQL的算法、Actions运行时和整个计费系统等等太多信息了。… https://t.co/dUtVVx0CN6 pic.twitter.com/gVDyEx2pHi — 23pds (山哥) (@im23pds) May 20, 2026 GitHub Rotates Secrets And Urges Users To Stay Vigilant GitHub has acted swiftly to contain associated risks in light of the breach. The company confirms it has rotated its most critical secrets, focusing on those that have the highest possible impact to prevent further usage. Additional safeguards range from an always-on log analysis to confirming that security patches remain untouched and no anomalous activity. GitHub noted that despite these protective measures, customers, particularly those with private repos, should stay vigilant. As a precaution, developers are advised to conduct immediate security audits, check access logs and change sensitive credentials. It highlights the need for preemptive security best practices in an era of increasingly advanced threats. Even if breaches are limited by internal boundaries, their effects can reach far beyond the original breach. With this investigation continuing, GitHub has committed to additional action as appropriate, and updating with more information once it’s available. For now, the focus remains on containment, transparency and bolstering defenses. Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services. Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news !