Hack
North Korea’s crypto heist playbook is expanding and DeFi keeps getting hit
More than $500 million was siphoned across the Drift and Kelp exploits in just over two weeks. What once looked like isolated breaches now resembles a sustained campaign, likely driven by the financial needs of a sanctioned state.
Aave could face up to $230 million in losses after Kelp DAO bridge exploit triggers DeFi chaos
Aave published a report outlining two possible outcomes: around $123 million in losses if damage is shared across all rsETH, or up to $230 million if confined to Layer 2s, with the final impact depending on how Kelp DAO allocates the shortfall.
Kelp DAO claims LayerZero’s 'default' settings are what actually caused the massive $290 million disaster
The liquid restaking protocol said the compromised verifier was LayerZero's own infrastructure, and the setup it was faulted for running was LayerZero's onboarding default.
Hack at Vercel sends crypto developers scrambling to lock down API keys
Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects web3 wallets and trading interfaces to backend services.
The $292 million Kelp exploit: how it happened, and what it means for DeFi
2026 is shaping up to be DeFi's "worst year in terms of hacks," Ledger's CTO said, as the Kelp exploit shows how a single point of failure can cascade across systems.
U.S. government moving bitcoin tied to Bitfinex hack
The U.S. government just transferred about $606,000 of bitcoin to Coinbase Prime, with on-chain data tying the coins to the 2016 Bitfinex hack. The government currently holds roughly $24.5 billion in bitcoin as part of its strategic digital asset reserve. CoinDesk's Jennifer Sanasie hosts "CoinDesk Daily."
Russia-linked Grinex exchange halts operations after $13 million ‘state-backed’ hack
The exchange, formerly known as Garantex and based in Kyrgyzstan, has been sanctioned by the U.S., U.K. and EU for helping users bypass sanctions.
A fake Ledger app on the Apple App Store drained $9.5 million in crypto
A malicious Ledger Live clone slipped onto Apple’s App Store, draining millions from dozens of victims across multiple blockchains in a week-long phishing campaign.
Crypto exchange Kraken targeted in extortion attempt but says there was no breach and no client funds at risk
The firm said a criminal group is attempting to extort it over limited insider-related data access incidents affecting about 2,000 accounts. Kraken says it will not pay and is working with law enforcement.
U.S. Treasury to loop in crypto sector on hacker warnings shared with traditional firms
The Department of the Treasury announced it's letting crypto firms sign up for timely information-sharing on cybersecurity threats.
