Foundry - Tool

Threat entity extracted from intelligence sources

Frequency
7
occurrences
First Seen
December 3, 2025
Last Seen
June 12, 2026

Foundry is a tool tracked across 5 threat clusters and 7 intelligence report mentions on ThreatCluster. First observed December 3, 2025; most recent activity June 12, 2026.

Overview

Foundry is presented as a cybersecurity tool/attack framework associated with autonomous AI agents that can interact with blockchain smart contracts to identify and exploit vulnerabilities. The tool’s significance lies in enabling automated, rapid exploitation of DeFi contracts, potentially draining large sums of money and signaling a shift toward automated cybercrime in the blockchain space. The article underscores the growing risk posed by AI-driven tooling in financial ecosystems.

Related Threat Clusters

Recent Intelligence Reports

  • Report: Microsoft Restricts Employees' Claude Access Over Data Retention — Uk.Pcmag · June 12, 2026
  • Don't Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency — Proofpoint · June 8, 2026
  • North Korean Hackers Use Fake Coding Tasks to Steal Crypto — Infosecurity-Magazine · June 8, 2026
  • Dev helps rescue $2 million locked in 2016 ICO contract for nine years with whitehat exploit — Theblock.Co · June 1, 2026
  • 'We don't know who deployed this': Squid distances itself from $3.2 million third — Theblock.Co · May 25, 2026
  • 'We don't know who deployed this': Squid distances itself from $3.2 million third — Theblock.Co · May 25, 2026
  • AI Agents Demonstrate Alarming Ability to Exploit Smart Contracts, Potentially Draining Millions — Quasa · December 3, 2025

CVSS v3.1 Breakdown