exploit

ZKSync has done a commendable job in revoking over $5 million in tokens. A smart hacker took a 10% bounty to return the assets they stole. After reporting the hack on March 30, on April 23, the company announced that the hacker had acted in good faith. They did manage...

The global landscape of Decentralized Finance (DeFi) offers a trustless utopia. Yet inarguably, human fallibility remains an Achilles’ heel as a vulnerability. Our most recent ROAR hack yielded significant losses of $785,000. This incident should serve as a reminder of the insider threat that even the most innovative blockchain projects...

Aikido, a software security company that focuses on developer oriented security tools, identified a breach in the XRP Ledger’s JavaScript library (xrpl.js). Without compromising user safety, they succeeded in neutralizing the threat. On April 21, we learned of a breach that affected xrpl.js versions 4.2.1 through 4.2.4. This component is...

R0AR, a gamified cryptocurrency platform registered in Kingstown, Saint Vincent & The Grenadines, has announced it’s suffering a critical token drain attack. This self-enforced issue is currently hitting its $1R0R token hard. A previously undiscovered vulnerability in the staking contract was at fault for the incident. As punishment, the token’s...

The KiloEx hack. $7.4 million gone. A multi-chain NFT-ccident horror show playing out on Base, opBNB, and BSC. And a stark question looms: Are we building a cross-chain DeFi future on foundations of sand?Systemic Risk: DeFi's House of Cards?Think of the 2008 financial crisis. Subprime mortgages, bundled into securities and...

KiloEx, India’s first decentralized exchange (DEX), was recently hacked for a whopping $5 million. They quickly reported it to Hong Kong police and lodged a formal case after losing about $7 million. The exchange has been working with the Criminal Division of the Hong Kong police. These specialists are collaborating...

ZKsync, one of the most popular Ethereum Layer-2 platforms, recently experienced a $3 million security breach. Hackers made off with $5 million worth of airdrop tokens in the attack. This incident shows the risks associated with misuse of an admin wallet. It’s a shocking instance of just one of the...

On April 15, 2025, ZKsync had an enormous security exploit. This event led to the unauthorized minting of 111 million ZK tokens (at the time, valued at approximately $5 million). The event raised emergency flags all across the incident, users of the entire cryptocurrency community, but particularly interested ZKsync users...

KiloEx, a decentralized finance (DeFi) platform, tools and liquidity operations have been suspended. This decision comes on the heels of a severe security breach that resulted in losses of around $7.5 million. The attack, which was blamed on oracle manipulation and cross-chain vulnerabilities, sheds light on the systemic risks that...

ZKSync’s ZK token price plummeted following a hack. This breach provided bad actors a backdoor to mint and sell tokens. In short, what started on April 15, 2025, with a hacked admin account ultimately gave the hacker control of $5 million worth of unclaimed ZK tokens from the project's airdrop...