Crypto security researcher Taylor Monahan has publicly slammed Coinbase CEO Brian Armstrong and accused the exchange’s leadership of prioritizing growth over user safety. Security failures tied to Coinbase Commerce resurfaced as Armstrong unveiled the company’s 2026 roadmap. Old Wounds, New Roadmap Responding to Armstrong’s tweet about Coinbase’s top priorities for 2026, which focused on expanding a global “everything exchange,” scaling stablecoins and payments, and bringing the world on-chain through Base, Monahan argued that user protection remains noticeably absent. She wrote , “Brian still doesn’t see user safety to be a priority for Coinbase. It cost them >$350m in 2025. It could’ve been prevented.” Monahan claimed that Coinbase had been warned for “months and months and months” about serious security issues. Her frustration traces back to findings published by on-chain investigator ZachXBT in December 2024, which detailed a suspected exploit involving Coinbase Commerce. According to the investigation, a Coinbase Commerce contract saw more than $15.9 million in suspicious USDC outflows on Polygon over a 16-hour period in April 2024, and funds were later bridged to Ethereum, swapped into ETH, and split across multiple wallets. A threat actor using the alias “Excite” allegedly flaunted control of the stolen funds in Telegram chats and on social media, while a portion of the assets was later routed through mixers and gambling platforms in an attempt to obscure their origin. The case raised questions about why Coinbase’s AML and transaction monitoring systems failed to flag the activity in real time, despite the size, speed, and pattern of the outflows. Monahan had amplified those concerns at the time, criticizing the platform’s failure to address the issue. Now, more than a year later, the blockchain researcher says nothing fundamental has changed. Reacting to Armstrong’s latest roadmap, she accused the exchange’s leadership of pushing for more users without first fixing known vulnerabilities. “Literally over a year later. And the priority is still ‘bring more lambs to my slaughterhouse pls.'” Handling of Security Incidents ZachXBT, for one, had repeatedly criticized Coinbase over account lockouts and an undisclosed data breach that he says led to user losses. Last year, he claimed that Coinbase locked him out of his account twice within a month without explanation and failed to clearly inform users about a breach that exposed customer data. The pseudonymous investigator had also said that he cannot recommend the platform due to ongoing transparency and security issues. His comments add to past criticism, including claims that weak responses to scams and impersonation attacks contributed to tens of millions of dollars in losses between late 2024 and early 2025. The post ‘Bring More Lambs:’ Researcher Slams Brian Armstrong Over Coinbase Security Failures appeared first on CryptoPotato .
