IPOR Labs suffered a $336,000 exploit targeting its USDC Fusion Optimizer vault on Arbitrum, with the attack exploiting a combination of legacy contract vulnerabilities and Ethereum’s newly ...

Cetus lost over $220 million after an attacker exploited a flaw in a smart contract math library. The attacker used spoof tokens and overflow bugs to trick the system into giving away real assets.

Unleash Protocol saw unauthorized withdrawals based on its decentralized governance mechanism. Losses are estimated at $3.9M, with a big part of the funds already mixed through Tornado Cash.

The decentralized finance app lost nearly $4 million thanks to an interaction between an old bug and a new input validation vulnerability. Decentralized finance (DeFi) protocol Onyx was exploited for ...

Aave version (v)1 was previously thought to be affected by the exploit. However, Aave developers said the protocol was unaffected and merely used to swap tokens to conduct the exploit, which mainly ...

A hacker stole $3.6 million from a DeFi protocol DForce in a reentrancy attack targeting its Arbitrum and Optimism chains. DForce confirmed the attack on Twitter, saying it paused all vaults to avoid ...

Decentralized finance (DeFi) protocol Blueberry has managed to pause its protocol after a mad dash to limit potential damage from an “ongoing exploit” on Friday. In a Feb. 23 post on X, the Blueberry ...

Decentralized finance (DeFi) platform LI.FI protocol has been hit by a roughly $11 million exploit following a series of suspicious withdrawals, on-chain data shows. "Please do not interact with any ...

Nemo Protocol released a comprehensive post-mortem blaming a rogue developer for deploying unaudited code containing critical vulnerabilities that enabled a $2.59 million exploit on September 7. The ...

Loopscale, a decentralized finance (DeFi) protocol built on Solana, has suspended its lending operations following a $5.8 million exploit. The incident occurred on April 26, when a hacker drained 5.7 ...

Attackers can abuse the way browsers and other applications handle steam:// protocol URLs in order to exploit serious vulnerabilities in the Steam client or games installed through the platform, ...

It happens all too often that the first time a vulnerability becomes known is when a forensic investigation is under way to find out how a system was broken into, or when a virus that’s already ...