币界网报道：CoinMarketCap confirmed a security breach on June 20, 2025, where hackers exploited a vulnerability through a seemingly benign doodle image on its homepage. The malicious code, delivered via a manipulated JSON payload through the platform's backend API, triggered fake "Verify Wallet" pop-ups—a phishing attempt to steal crypto wallet access. Blockchain security firm Coinspect Security traced the attack to CoinMarketCap's rotating "doodles" feature, which allowed the exploit without altering core infrastructure. The pop-ups were active briefly before being removed. CoinMarketCap stated it acted immediately to address the issue and implemented mitigation measures, though it did not disclose potential user impact or compromised wallets. The incident highlights persistent API-related security risks in Web3 platforms.