Exploits Articles

Breached cyberpunk vault door with a single compromised lock: the 1-of-1 LayerZero DVN that let $292M leave Kelp DAO

Kelp DAO's $292M Hack and Aave's $6B Fallout: One Config Parameter Broke DeFi

A 1-of-1 LayerZero DVN let attackers drain 116,500 rsETH ($292M) from Kelp DAO, loop it through Aave V3 for $266M in ETH, and wipe $6B in Aave TVL in 24 hours. No Solidity bug. One config parameter broke DeFi.

Aron Turner·Apr 20, 2026

exploits

Drift Protocol's $270M Exploit: How Solana's Durable Nonces Became a Social Engineering Weapon

An attacker drained $270M from Drift Protocol by abusing Solana's durable nonce feature to pre-sign malicious multisig transactions weeks before execution.

Aron Turner·Apr 3, 2026

Aave oracle liquidation incident breakdown

exploits

Aave's $27M Liquidation Incident: How a Stale Oracle Parameter Wiped Out 34 Users

A desynchronized oracle parameter caused Aave to undervalue wstETH by 2.85%, triggering $27M in wrongful liquidations across 34 users. Full technical breakdown.

Aron Turner·Mar 12, 2026