News linked to both this project and an event.
Odaily, Mitchell Amador, CEO of bug bounty platform Immunefi, stated at the WAIB Summit that new AI models such as Claude Opus 4.8 and ChatGPT 5.5 are shifting the balance of cybersecurity offense and defense in favor of attackers, leading to a resurgence in crypto hacks in 2026. Data from DefiLlama shows that in April 2026, illicit actors stole over $634 million from crypto platforms, the highest monthly total since the Bybit hack in February 2025 drove losses of approximately $1.4 billion.Amador stated that the crypto industry is in a critical survival period for the next three to four years until security teams leverage similar AI models to build codebases that attackers cannot breach; if the industry adopts more crowd-sourced security solutions, this timeline could be shortened to within two years. The latest Claude Mythos model, Fable 5, from AI company Anthropic, previously raised concerns about accelerating the ability to exploit crypto vulnerabilities.Anthropic stated that Fable 5 has safeguards in place that will redirect topics related to cybersecurity and similar fields to Claude Opus 4.8. On April 19, an attacker transferred approximately 116,500 restaked Ethereum (rsETH) from Kelp DAO's LayerZero-based rsETH bridge, valued at around $290 million to $293 million at the time. Cross-chain protocol LayerZero stated that the 1/1 decentralized verification network configuration of Kelp DAO relied on a single verification path for processing cross-chain messages, creating a single point of failure. (Cointelegraph)
in April this year, KelpDAO's LayerZero bridge was exploited in a $292 million vulnerability attack, triggering an $8.45 billion deposit run on Aave within 48 hours, marking the largest capital outflow event in decentralized finance (DeFi) history. Aave founder Stani Kulechov stated that the design of Aave V3 withstood the market test, demonstrating the network's "resilience." However, independent data indicates that Aave's survival primarily relied on $300 million in emergency rescue, including a 25,000 ETH guarantee from the Aave DAO and a personal injection of 5,000 ETH (approximately $8.4 million) by Kulechov.Kulechov attributed the vulnerability to third-party infrastructure rather than core smart contracts. However, analysts pointed out that this incident exposed deficiencies in Aave's risk architecture and insurance mechanisms, leading the platform to incur significant bad debt (approximately $123.7 million in wETH). To prevent future bridge failures from triggering systemic bank runs, Aave V4 will adopt a modular "hub-and-spoke" architecture, enabling local risk auto-adjustment and collateral freezing. (CoinDesk)
According to The Block, the DeFi lending protocol Radiant Capital has announced it will officially cease operations. The protocol suffered a hack in October 2024, losing approximately $51 million; the attacker gained unauthorized access by deploying backdoor contracts on Arbitrum and BNB Chain. Earlier in 2024, the protocol had also been hit by a flash loan attack, resulting in a loss of roughly 1,900 ETH (approximately $4.5 million). After 18 months of recovery efforts, Radiant Capital stated that it has neither recovered a significant portion of the stolen funds nor secured new financing, declaring that “the DAO has no viable path forward.” The protocol will now enter a “maintenance mode”: its frontend and smart contracts remain accessible, allowing users to withdraw funds, repay loans, and manage positions. Any funds recovered in the future will be returned to affected users.
DeFi protocol Radiant has announced that after 18 months of continuous effort following a hack attack in October 2024, the DAO no longer has a viable path to continue operations and will gradually enter a "sunsetting" phase.Radiant stated that there is currently no progress in fund recovery, no new capital injection, and a lack of funds and development space to maintain normal operations. Therefore, it cannot proceed with responsible long-term operation.According to the plan, Radiant will transition to maintenance mode: the frontend interface will continue to run, on-chain smart contracts will remain accessible, and users can still withdraw, repay, and manage positions. However, the project will halt all new feature development, upgrades, and expansions. At the same time, the borrowing cap will be set to zero, incentives for issuing the RDNT token will cease, and treasury funds will be used solely to maintain basic operations. The project's future focus will be entirely on user asset security, fund recovery, and an orderly liquidation process.Radiant stated that efforts to recover assets will continue, and the relevant recovery portal will remain open. Any future recovered funds will be returned to affected users, but the outcome of the recovery remains uncertain and may take a long time. Although operations are gradually ceasing, on-chain contracts will remain available, and users need to manage their own risks and gradually exit their positions.
Stake DAO posted a response on platform X regarding the security incident, stating that its team has taken note of the incident and that users should not interact with vsdCRV for the time being.In addition, contracts related to Stake DAO on Arbitrum exhibited abnormal behavior, resulting in the minting of 5.4 trillion vsdCRV tokens. Security teams have classified this as a suspected infinite minting exploit.
Syndicate, a DAO infrastructure service provider, has announced it will gradually cease operations. It stated that after five years of continuously building on-chain developer infrastructure, the Rollup market has undergone fundamental changes. Currently, the Rollup market has significantly shrunk, some Rollup projects are gradually shutting down, and the market has shifted from EVM Rollups to custom chains built from scratch by consulting teams, leading to a notable decline in reusable technology and network value.Syndicate stated that its system consists of two parts: Syndicate Labs, responsible for development, will be closed, while the independent entity Syndicate Network Collective (Wyoming DUNA), which holds SYND tokens and has governance rights, will continue to exist. SYND governance will not be affected in the short term.Furthermore, Syndicate emphasized that this decision to cease operations is unrelated to recent cross-chain security incidents. Affected users and SYND holders have been fully compensated through the treasury reserves, and team and investor tokens are currently still in a lock-up period.
following the $292 million exploit of Kelp DAO's LayerZero bridge, the security of cross-chain infrastructure has once again come under scrutiny. DeFi protocols Kelp DAO, Solv Protocol, Re, and crypto exchange Kraken have all taken similar migration measures, with the total value of this outflow reaching approximately $4 billion.Decentralized finance protocol Lombard has become the latest project to join the migration wave, announcing a gradual phase-out of LayerZero and the migration of over $1 billion in Bitcoin collateral assets to Chainlink's Cross-Chain Interoperability Protocol (CCIP). Bitcoin-related tokens issued by Lombard include LBTC and BTC.b. It is reported that Lombard's initial migration assets cover the Solana, Etherlink, Berachain, Corn, and TAC chains, while the use of LayerZero on Morph and Swell will also be terminated. As of now, LayerZero has not responded to requests for comment. (CoinDesk)
in April 2026, two major DeFi attacks on Drift Protocol and Kelp DAO resulted in losses of nearly $600 million, triggering approximately $9 billion in capital outflows from protocols like Aave. TRM Labs investigator Nick Carlsen stated that a hacker group suspected to be linked to North Korea has allegedly used AI to assist in target selection and attack path design. Failsafe CEO Aneirin Flynn said that AI has compressed the time for discovering blockchain vulnerabilities from months to days or even hours. The report noted that Anthropic has not fully opened its AI model Mythos due to cybersecurity risks, claiming the model has the capability to discover large-scale zero-day vulnerabilities. Its research indicates that over half of blockchain attacks in 2025 could theoretically be completed autonomously by AI. (Bloomberg)
that, according to official sources, AaveLabs has proposed restructuring the Aave DAO bug bounty framework into multiple specific subsystem programs, operating on the Immunefi, Sherlock, and Cantina platforms respectively. Core Aave V3, Core Aave V2, GHO, and non-liquidity protocol infrastructure will be covered by Immunefi; Aave V4 and the Aave App Stack will be covered by Sherlock; and Aave V3 on Aptos will be covered by Cantina.The proposal suggests adjusting the bounty scale for each system. The maximum reward for critical vulnerabilities in Core Aave V3 is $5 million, while the maximum reward for critical vulnerabilities in Aave V4 is $2.5 million. Additionally, the funding source for the Aave V3 bug bounty on Aptos will be transferred from Aave Labs to the Aave DAO. This ARFC proposal has currently been passed.
Odaily Odaily News Gate Research recently released its "April 2026 Cryptocurrency Market Review" report, indicating that the overall cryptocurrency market saw a volatile upward trend in April, with total market capitalization significantly higher than in March. BTC and ETH ETF trading volumes maintained high volatility overall. The report shows continued divergence in activity across major public chain ecosystems. Solana's daily transaction volume remained in the range of approximately 90 million to 110 million transactions, maintaining its leading position.Regarding trending sectors, the report notes that Pokemon TCG RWA has become one of the fastest-growing on-chain RWA sub-sectors, entering a second explosive growth phase in April. Major trading platforms saw monthly trading volumes exceed $220 million, with weekly revenue briefly approaching $6 million, setting new historical records. Meanwhile, Aave experienced its most severe liquidity crisis ever in April, with TVL outflows reaching tens of billions of dollars within a few days and net outflows exceeding $9 billion for the entire month.In terms of fundraising and security incidents, the Web3 industry completed 51 financing rounds in April, totaling approximately $834 million, with capital further concentrating on leading financial and infrastructure tracks. Among these, Payward ranked first for the month with a $200 million financing round. On the security front, Web3 security incidents in April resulted in losses of approximately $306 million, a month-over-month increase of about 858%, primarily driven by a single cross-chain infrastructure attack on Kelp DAO worth approximately $293 million. The report suggests that against the backdrop of a recovering market, on-chain activity and capital liquidity are both increasing simultaneously. However, the security risks associated with cross-chain infrastructure and high-leverage protocols remain worthy of continued attention.
According to Cointelegraph, a New York judge has postponed the hearing on Aave’s emergency motion to unfreeze approximately $71 million worth of ETH and ordered Aave and Gerstein Harrow LLP to submit additional case briefs. A new hearing is scheduled for June 5. The court noted that Aave previously failed to adequately explain why users’ funds would suffer “derivative losses” if the restraining order remained in effect. The assets in question are linked to the Kelp DAO hack, which involved approximately $293 million and was previously frozen by Arbitrum. The judge also directed both parties to further clarify several legal issues, including the applicable law governing the hacker’s transactions, the legal distinction between fraud and theft, the priority ranking of creditors’ claims, the applicability of constructive trust, and whether assets can be proportionally returned to victims.
Odaily News: Margaret Garnett, a U.S. District Judge in Manhattan, has approved Aave's asset recovery proposal, allowing the transfer of approximately $71 million in ETH previously frozen on Arbitrum and linked to North Korean-linked attacks, to a wallet controlled by Aave LLC, while preserving the legal claims of terrorism victim plaintiffs over the funds. The ruling also amended the earlier freeze notice against the Arbitrum DAO, permitting the transfer to be executed through an on-chain governance vote and exempting those who propose, vote on, or participate in the transfer from liability under the freeze order. The transfer is still subject to an official vote by Arbitrum's on-chain governance. (CoinDesk)
Odaily Odaily: Aave posted on the X platform stating that the second phase of the technical solution for the rsETH incident recovery has progressed. On May 6, eight positions of the hacker on Aave V3 were liquidated, and the recovered rsETH collateral has been transferred to the recovery guardian. The Arbitrum DAO has passed a proposal to return the previously recovered $71 million in ETH.Regarding the application for asset freezing filed by the plaintiff, the judge has approved Aave LLC's proposal, allowing the transfer of the $71 million in ETH to Aave LLC through an on-chain vote by the Arbitrum DAO. Subsequent plans include burning rsETH on Arbitrum and restoring the rsETH reserve. After the reserve is restored, withdrawals will be reopened, and the WETH Loan-to-Value (LTV) ratio on the Aave V3 Ethereum mainnet will be restored.
The Mantle community has approved proposal MIP-34, authorizing the Mantle Treasury to extend a loan of up to 30,000 ETH to the Aave DAO to address the non-performing loan impact on Aave V3 resulting from the rsETH cross-chain bridge security incident on April 18, 2026. Per the proposal, the loan term is up to 36 months, with an annual interest rate of LIDO + 1%; the borrower may repay early without penalty. Regarding risk control, Mantle will hold a first-priority security interest in the relevant collateral assets. Additionally, Aave will provide supplementary collateral comprising no less than $11 million worth of AAVE tokens and protocol revenue, and delegate 130,000 AAVE tokens to Mantle for governance participation.
According to The Block, the Arbitrum DAO voted to release 30,765.6 ETH (approximately $70 million), previously frozen, to support the DeFi United initiative—aimed at offsetting Kelp DAO’s $292 million exploit loss last month. The vote passed with 90.96% support (182.2 million votes). The attack was allegedly carried out by the North Korean Lazarus hacking group, which exploited a vulnerability in LayerZero’s OFT cross-chain bridge—a single-validator configuration—which allowed attackers to steal 116,500 rsETH and pledge most of the stolen assets as collateral on Aave, resulting in roughly $190 million in bad debt. DeFi United has secured contributions from multiple parties, including 30,000 ETH from Consensys and Joseph Lubin, a 30,000-ETH loan from Mantle, and 5,000 ETH from LayerZero.
Solv Protocol has announced the migration of over $700 million in tokenized Bitcoin assets to Chainlink's cross-chain protocol CCIP, and will gradually phase out LayerZero's bridging support across multiple chains. The migration involves core assets such as SolvBTC and xSolvBTC. Solv stated that the decision is based on the latest security reviews and recent cross-chain security incidents, and CCIP will become its standard cross-chain infrastructure. This move follows Kelp DAO's migration of approximately $290 million in assets to Chainlink, further strengthening the trend of "cross-chain infrastructure shifting toward security-first migration." (CoinDesk)
According to on-chain data platform Santiment (@SantimentData), as Bitcoin’s price reclaimed the $80,000 level, the ratio of bullish-to-bearish comments on social media rose to 1.37:1.00—the highest in nearly four months—signaling a notable surge in market optimism. However, Santiment cautions that historically, sharp increases in bullish sentiment often serve as warning signs rather than buy signals. When retail FOMO dominates social media discussions, traders tend to enter positions late in the trend, raising the likelihood of local tops, profit-taking, and sudden price volatility. Santiment notes that peak market euphoria frequently coincides with the onset of waning momentum. By comparison, following the Kelp DAO vulnerability incident in mid-April, social sentiment plunged into deeply bearish territory; the exit of “weak-handed investors” instead laid a healthier foundation for the current rally. With sentiment now having reversed dramatically, Santiment advises traders to remain vigilant against potential risks stemming from excessive leverage and overly concentrated positions.
Aave has announced the completion of the liquidation of the remaining rsETH position belonging to the Kelp DAO attacker. The related collateral assets will be transferred to the Recovery Guardian multi-signature wallet managed by DeFi United, to be used for restoring rsETH reserves and compensating affected users.This liquidation is part of the recovery plan following the previous $292 million attack incident. Aave had previously passed a governance vote to temporarily adjust the rsETH oracle price in order to create bad debt in the attacker's position and trigger liquidation. The relevant parameters will be restored upon completion of the liquidation. Previously, the attacker exploited the Kelp DAO cross-chain bridge based on LayerZero to forge 116,500 unbacked rsETH and borrowed ETH from protocols such as Aave and Compound. Currently, the recovery funds managed by DeFi United have exceeded $320 million.
Kelp DAO has announced the migration of its restaking token rsETH to Chainlink CCIP, citing enhanced security as the reason for this move. Previously, a cross-chain bridge built by Kelp DAO on LayerZero was attacked on April 18, with hackers stealing approximately 116,500 rsETH, valued at around $292 million, and using the assets as collateral to borrow WETH on Aave v3.Regarding the cause of the vulnerability, LayerZero previously stated that the issue stemmed from Kelp DAO using a single DVN verification path configuration rather than multiple independent verifications. Kelp DAO responded that this configuration was the default setting and that LayerZero had confirmed its security without flagging any related risks. LayerZero CEO Bryan Pellegrino subsequently denied this claim, stating that Kelp DAO had proactively modified the default multi-DVN configuration. Both parties continue to dispute responsibility for the incident. (Cointelegraph)
According to the official disclosure by Drift Protocol, all affected wallets impacted by the April 1 attack will receive Recovery Tokens—representing their verified losses and proportional claims against the Recovery Pool—where each Recovery Token corresponds to $1 of verified loss. The Recovery Pool’s initial funding is approximately $3.8 million, sourced from converting the protocol’s remaining assets into USDT. It will be further replenished through a portion of quarterly net exchange revenue, partner contributions, and up to $127.5 million in matching deployment from Tether. Once the Recovery Pool exceeds $5 million, users may begin redeeming Recovery Tokens; the redemption price will be calculated as the Recovery Fund’s value divided by the outstanding supply of Recovery Tokens. Drift stated that the Insurance Fund was unaffected by the attack; any release of related funds requires governance proposals and DAO voting. The exchange plans to relaunch in Q2 2026, focusing primarily on perpetual contracts and a select set of markets. Additionally, it will replace its programs and addresses, rotate keys, reconstruct its community multisig, remove durable nonces and the Earn product, and implement operational security upgrades.