Aave's $230 million rsETH exploit was traced to a failure in KelpDAO's LayerZero bridge, not Aave's smart contracts. Attackers forged a cross-chain message to mint unbacked rsETH, exposing risks in bridge verification systems. In response, Aave is overhauling its risk framework to include scrutiny of bridges, oracles, custodians, and operational security, alongside traditional financial and smart contract risks. The protocol has already made hundreds of parameter changes and plans automated defenses to reduce collateral risk quickly, signaling a shift in DeFi risk management beyond just smart contract bugs.
Aave, a decentralized finance protocol, has fully restored liquidity to its lending pools after a $300 million cross-chain exploit drained assets. The attacker minted fake tokens and used them as collateral to borrow large amounts of Ethereum-based a...
Leading cryptocurrencies like Bitcoin and Ethereum experienced significant price declines, with Bitcoin falling about 6.57% to $66,870 and Ethereum dropping nearly 5% to $1,901.68. This broad market sell-off reflects investor caution and potential pr...
The Kelp DAO hacker has laundered nearly all of the approximately $220 million stolen in an April bridge exploit, moving funds through privacy services like THORChain, Umbra, and Tornado Cash, making recovery difficult. Only about $1.7 million remain...
Renzo Protocol has transitioned the management of its Reserve vault's USCC tokenized fund from Superstate to Bitwise, effective June 1, 2026. The fund is now rebranded as the Bitwise Crypto Carry Fund, with Superstate maintaining on-chain infrastruct...
Aave announced a major update to its risk management after a $230 million exploit involving rsETH tokens in April 2026. The attack was not due to flaws in Aave's smart contracts but stemmed from a compromised cross-chain bridge used by KelpDAO, which...
