Crypto World
Kelp exploit exposes non-isolated DeFi lending risks, crypto execs warn
The Kelp restaking exploit underscores a broader vulnerability in DeFi: non-isolated lending and tightly integrated protocols can create rapid, cross-platform contagion. Industry insiders say the incident serves as a stress test for how risk can cascade beyond a single smart contract when assets and incentives are interconnected across multiple chains and products.
According to Michael Egorov, founder of Curve Finance, allowing lending frameworks to treat a wide array of collateral as interchangeable leverage exposes users to the risk of a single point of failure within the broader collateral ecosystem. In practical terms, a breach or misstep tied to one token can ripple through all assets backed by that same architecture, amplifying losses beyond the original target. Egorov’s observations align with a growing emphasis in DeFi risk management on collateral design and vault hygiene as the ecosystem grows more complex.
The Kelp project, which operates a restaking mechanism tied to the rsETH token, became the centerpiece of a weekend security incident when it was attacked, forcing a halt to Kelp’s smart contracts and triggering an urgent security review. Early estimates pegged misappropriated funds at around $293 million, with the platform moving quickly to investigate and mitigate the damage. The incident illustrates how nuanced DeFi constructs—restaking, liquidity provision, and cross-protocol guarantees—can present an expanded attack surface when combined with cross-chain functionality.
In the wake of the attack, Egorov urged DeFi teams to enhance asset vetting before accepting tokens as lending collateral, warning against single points of failure or exploitable surface areas within new digital assets. His guidance points to a broader industry push toward stronger due diligence on novel assets and more granular risk assessments for collateral acceptance on lending platforms.
The Kelp incident also spotlights the cross-chain dimension of the risk vector. Egorov cautioned that cross-chain frameworks and bridges, while enabling liquidity and interoperability, introduce significant attack surfaces. “Cross-chain is hard and potentially risky. Only use cross-chain infrastructure when absolutely necessary, and do it really carefully,” he said in an interview. The message arrives at a time when users increasingly depend on multi-chain strategies to access liquidity and yield opportunities, but security architectures have not always kept pace with rapid product innovation.
Crypto-security researchers framed the incident as a contagion event rather than a single-contract exploit. Cyvers, a blockchain security firm, described the Kelp attack as crossing protocol boundaries almost immediately. The incident affected at least nine DeFi protocols and platforms, including Aave, Fluid, Compound Finance, SparkLend, and Euler, all of which took steps to freeze rsETH markets or otherwise mitigate the fallout. The rapid cross-protocol response underscores how decentralized systems rely on a network of dependent components—lenders, oracles, bridges, and liquidity pools—to function. When one piece falters, others must quickly reconfigure risk controls to prevent broader losses.
“This was not just a protocol exploit. It immediately became a cross-protocol contagion event,” Cyvers CEO Deddy Lavid told Cointelegraph. The challenge is no longer just preventing exploits at the contract level, but understanding how fast they can cascade across integrated protocols.
The ripple effects from Kelp are not isolated to a handful of DeFi shops. The attack followed Drift Protocol’s about $280 million hack earlier in the month, and Cointelegraph notes that a string of other crypto platforms and DeFi exploits have marked a period of heightened risk activity for the sector. In total, losses from crypto hacks, code exploits, and scams in Q1 2026 were reported to be substantial, reinforcing the need for improved security, governance, and incident response across DeFi ecosystems.
Key takeaways
- Interconnected risk amplifies losses. Non-isolated lending means collateral attacks can spread through multiple tokens and protocols, increasing the potential scope of exploit losses beyond a single project.
- Cross-chain design as both enabler and hazard. Bridges and cross-chain liquidity foster innovation but also widen the attack surface, making careful, deliberate use essential.
- Contagion across nine protocols. The Kelp incident prompted immediate actions from Aave, Fluid, Compound Finance, SparkLend, Euler, and others to pause or mitigate rsETH exposure, illustrating real-time containment challenges in integrated DeFi networks.
- Asset vetting remains a priority. Industry voices emphasize rigorous evaluation of new collateral and the pursuit of resilient, multi-layer risk controls before broadening lending collateral acceptance.
- Sector context matters. The episode sits within a sequence of high-profile exploits, including Drift Protocol, signaling a broader imperative for stronger incident response and security architectures as DeFi grows more interconnected.
Kelp, rsETH, and the evolving DeFi security landscape
The Kelp incident is a concrete reminder that highly specialized DeFi constructs—such as restaking mechanisms—do not exist in a vacuum. The rsETH token, while offering potential yield and staking mechanics, also creates dependencies on the health of the restaking pipeline and the security of the tokens used as collateral. When a vulnerability emerges in one component, other protocols relying on the same token or the same cross-chain infrastructure can be pulled into the crisis, sometimes within hours or minutes of the initial breach.
From a risk-management perspective, the episode underscores several practical steps for builders and operators. First, strengthening the governance and vetting process for new assets used in lending markets is critical. Second, there is a clear case for tighter, more auditable cross-chain interaction patterns—reducing trust assumptions where possible and defaulting to more conservative bridge usage. Third, incident response playbooks must embrace rapid cross-protocol coordination, including predefined withdrawal or pause criteria that can be executed decisively to limit losses.
For investors and traders, the unfolding narrative reinforces a cautious stance toward complex DeFi products that rely on multi-layer architectures. While such products can unlock innovative yield opportunities, they also carry layered risk—asset design risk, cross-chain risk, and governance risk—that can compound quickly in fast-moving market environments. As the sector digests this latest episode, market participants will be watching not only for immediate recoveries and protocol updates but also for longer-term shifts in collateral standards and security best practices across DeFi lending.
Broader implications for DeFi stability and policy
Analysts suggest that the Kelp incident could influence how regulators and industry groups frame risk disclosures and capital adequacy for DeFi platforms. As ecosystems become more interconnected, there is a growing call for standardized risk reporting around cross-chain activities, collateral diversification, and incident response metrics. While regulatory approaches vary by jurisdiction, the shared industry objective remains clear: build resilient infrastructure capable of withstanding rapid, multi-protocol shocks without compromising user funds.
The road ahead will likely feature a combination of enhanced asset vetting, more cautious cross-chain deployment, and stronger protocol-to-protocol coordination. The lessons from Kelp are not just about recovering from a single attack; they are about reshaping the safety net for an increasingly interconnected DeFi landscape.
Watching the next set of protocol updates and audits will be essential. As developers and security researchers digest the Kelp fallout, the market will likely see renewed emphasis on collateral risk controls, faster detection of cross-chain anomalies, and tighter governance processes to prevent similar contagion events from reoccurring.
Readers should stay tuned for further disclosures from affected platforms as they publish findings from post-incident reviews, patch timelines, and any changes to rsETH-related risk parameters. The evolving response from the DeFi community will be a critical barometer for how quickly the sector can translate security lessons into practical safeguards for users, traders, and liquidity providers.
Abu Dhabi-regulated tokenization firm KAIO said Monday it had raised $8 million in a strategic funding round backed by Tether and several other crypto and institutional investors, as it builds infrastructure to bring traditional funds onto blockchain rails.
The round brings KAIO’s total funding to $19 million. New investors include Systemic Ventures, while Further Ventures and Laser Digital joined again alongside earlier backers such as Brevan Howard Digital.
KAIO said it develops infrastructure that allows asset managers to distribute funds onchain. It packages products from firms like BlackRock, Brevan Howard and Hamilton Lane, then makes them accessible through blockchain-based systems.
With the investment, KAIO plans to expand into other products such as credit, structured investments and exchange-traded funds. The firm said it plans to launch onchain fund with Mubadala Capital, the Emirati private equity firm with $385 billion in assets under management.
By creating tokens of institutional funds, the firm said its goal is to lower investor barriers to entry. KAIO targets minimum investments starting at $100 for eligible users, far below the typical thresholds for institutional funds.
Tether’s involvement ties the model to stablecoin flows. USDT is the most popular stablecoin, boasting a $185 billion supply, and is often used to move money across borders, especially in emerging markets. KAIO aims to channel that liquidity into regulated investment products.
“KAIO’s unique position unlocks new pathways for capital formation and investment by bringing institutional-grade assets onchain and making them more broadly accessible, helping expand participation in global financial markets,” Tether CEO Paolo Ardoino said in a statement.
KAIO said its platform embeds compliance into its system and supports regulated distribution frameworks, including those in Abu Dhabi, the Cayman Islands and Singapore.
The company said it manages about $100 million in assets and has processed more than $500 million in transactions.
RavenDAO’s RAVE token lost over 98% of its value over the weekend, and the hourly chart now warns of another massive drop in the coming days.
Key takeaways:
RAVE chart hints at 50%-plus drop next
On the hourly chart, RAVE continues to trade inside a descending channel, with lower highs and lower lows forming between two downward-sloping trend lines.
As of Monday, the spot price was retreating after testing the channel’s upper boundary, a sign that sellers remain active on rallies. If that rejection holds, RAVE could slide toward the channel’s lower trend line in the near term.
A Fibonacci extension drawn from the latest bounce at the lower boundary to the recent pullback from the upper boundary points to the 1.618 extension as the next bearish objective.
That level comes in near $0.30, implying a further 55%–58% decline from current prices in April or by May.
Notably, the same setup correctly anticipated Sunday’s drop toward $0.49, reinforcing the channel’s relevance.
Meanwhile, the 20-hour exponential moving average at $0.96 and the 1.0 Fib line at $0.94 continue to cap upside attempts. Unless the bulls reclaim these levels decisively, the broader bias remains tilted to the downside.
Market manipulation claims add to RAVE risks
RAVE’s technical weakness is unfolding alongside mounting allegations of market manipulation, with market watchers comparing it to the LUNA and WAVES pump-and-dumps from 2022.
Onchain investigator ZachXBT described the token’s explosive rally and subsequent collapse as a “blatant” pump-and-dump, allegedly orchestrated across major exchanges including Binance, Bitget and Gate.io.
He flagged roughly 23 million RAVE tokens (worth around $23 million) moving from a team-linked multisig wallet to Bitget deposit addresses shortly before a 40% flash crash, and has since maintained a $25,000 bounty for whistleblowers.
RaveDAO has denied any involvement.
Related: FOMO, lax rules are fueling the crypto crime supercycle
Still, ZachXBT has doubled down on his claims, arguing that over 90% of the token’s supply may be controlled by insiders, raising concerns about liquidity concentration and price control.
A few days ago, RaveDAO revealed plans to sell portions of unlocked tokens to fund operations, marketing and hiring.
The team said it is considering price- or performance-based lock mechanisms to better align incentives, adding that “building a movement requires resources.”
This article is produced in accordance with Cointelegraph’s Editorial Policy and is intended for informational purposes only. It does not constitute investment advice or recommendations. All investments and trades carry risk; readers are encouraged to conduct independent research before making any decisions. Cointelegraph makes no guarantees regarding the accuracy or completeness of the information presented, including forward-looking statements, and will not be liable for any loss or damage arising from reliance on this content.
Crypto World
A $293 Million Hack Wiped $8 Billion From Aave Crypto TVL: Is the DeFi Protocol in Crisis?
Aave crypto is bleeding. The DeFi lending giant has shed nearly 21% over seven days, with AAVE trading around $90–$91 after a weekend that exposed just how quickly contagion spreads through interconnected DeFi protocols.
Volume spiked 50.20% to $539.45M in 24 hours, but that’s panic volume, not accumulation. Whether this selloff represents a buying opportunity or the start of a deeper unwind depends entirely on what happens next with protocol confidence.
The incident that triggered the collapse began Saturday when hackers drained 116,500 rsETH tokens worth approximately $293 million from Kelp DAO’s LayerZero-powered bridge.
The stolen funds were posted as collateral on Aave v3 to borrow wrapped Ether, leaving roughly $195 million in bad debt on the protocol.
Crypto analytics platform Lookonchain flagged the largest withdrawals: MEXC pulled $431 million, Abraxas Capital followed at $392 million.
Aave’s total value locked collapsed from $26.4 billion to $17.94 billion, stripping it of the top DeFi protocol ranking it held going into the weekend. Curve Finance, Ethena, and BitGo’s Wrapped Bitcoin all paused LayerZero bridge usage as a precaution.
The broader macro environment for crypto was already fragile. Now AAVE faces a protocol-specific credibility crisis layered on top of market-wide pressure — a combination that rarely resolves quickly.
Discover: The best pre-launch token sales
Can AAVE Crypto Price Recover to $120 This Week?
The honest answer: not easily. AAVE sits near $91 on major exchanges, down roughly 6% on Kraken in 24 hours and over 20% on the week, a significant deviation from the broader market’s comparatively mild -0.50% seven-day performance.
The all-time high of $661.69 feels like a different asset entirely from this distance (54% drawdown at current levels).
Volume surging alongside price decline is a classic distribution signal. It suggests sellers are finding liquidity into any bounce rather than buyers absorbing the dip with conviction.
The $90–$92 zone is acting as immediate support; a clean break below $89, which AAVE crypto briefly touched during the initial panic, opens the door toward the $78–$80 range where structural demand last materialized.
More realistically though, it usually takes time to rebuild trust after something like this, so price likely sits between $88 and $100 while the market processes the damage and watches how users react, which keeps any recovery slow and capped.
The real risk is if capital keeps leaving, because if TVL drops under $15B and withdrawals continue, that pressure shows up directly in price, and once $85 breaks, the structure weakens fast and opens the door toward $70.
Discover: The best crypto to diversify your portfolio with
Maxi Doge Eyes Early-Mover Upside as AAVE Absorbs Protocol Shock
Watching an established DeFi blue chip shed $8 billion in TVL over a weekend raises a reasonable question: when protocol risk can wipe out gains this fast, where does smart money rotate for asymmetric upside? The answer, increasingly, is early-stage presales, where market cap is microscopic, and the exploit risk of a $26B lending protocol simply doesn’t apply.
Maxi Doge ($MAXI) is one of the more unconventional entries in the current presale cycle — a meme token built on Ethereum that leans hard into the 1000x leverage trading mentality through what it calls “Lever King Culture.”
The project has raised $4,745,091.23 at a current presale price of $0.0002814, with dynamic staking APY available to participants.
Features include holder-only trading competitions with leaderboard rewards and a Maxi Fund treasury allocated to liquidity and partnerships.
The gym-bro branding is deliberate, viral meme marketing has driven outsized returns in this cycle before (Dogecoin, Shiba Inu, and their descendants all started somewhere).
Risk is real: meme tokens are high-volatility, high-failure-rate instruments. DYOR is not optional here. For those with risk appetite suited to early-stage exposure, research Maxi Doge before the presale window closes.
The post A $293 Million Hack Wiped $8 Billion From Aave Crypto TVL: Is the DeFi Protocol in Crisis? appeared first on Cryptonews.
Onchain investigator ZachXBT publicly challenged MemeCore on Monday to justify the valuation and supply distribution of its M token, asking the project to explain its market cap and why “insiders hold >90% of supply.”
“Please provide a single data point to support your $6B mkt cap at a top 20 token and why insiders hold >90% of supply,” wrote ZachXBT in a Monday X response to Memecore, a project advertising itself as the layer–1 blockchain for the “Meme 2.0 economy.”
The comments add fresh scrutiny to MemeCore after a sharp rally, though live valuation metrics differed across major trackers. CoinMarketCap ranked the token No. 21 at about $4.33 billion on Monday, while CoinGecko ranked it No. 20 at about $5.97 billion.
The second-largest holder, wallet “0x8b8,” held 50 million M tokens currently worth $178 million, representing 21.77% of the supply, according to blockchain data visualization platform Bubblemaps, which listed the Binance Deposit address as the largest holder with 41.3% of the supply.
However, the token holdings don’t necessarily point to coordinated activity, according to Bubblemaps blockchain data analyst 0xToolman, who told Cointelegraph that the “pattern looks like team holdings,” which may not be in circulation yet.
Cointelegraph has contacted MemeCore for comment on the matter and details surrounding the token’s distribution.
ZachXBT has not posted definitive blockchain data proving that 90% of the supply is held by insiders, but pledged to investigate the token after the recent meltdown of the Rave DAO (RAVE) token sent shockwaves across the industry.
Related: Suspected insider wallets rack up $1.2M betting on ZachXBT’s Axiom exposé
RAVE token’s 90% meltdown sparks insider concerns
On Saturday, ZachXBT accused RaveDAO of orchestrating a pump-and-dump scheme, citing concentrated token holdings and suspicious exchange flows, after the RAVE token soared from $0.25 to nearly $28 within days before crashing over 80%.
RaveDAO has denied any role in the token’s surge and collapse, Cointelegraph reported on Sunday. Both Binance and Bitget confirmed they are reviewing the situation.
The RAVE token fell 92% during the past week and was trading above $0.69 at 12:46 p.m. UTC on Monday, CoinMarketCap data shows.
ZachXBT claimed that RAVE was just one of several tokens spotting “manipulation” signs on major exchanges.
“Other projects with highly questionable price action recently include: SIREN, MYX, COAI, M, PIPPIN, RIVER,” he wrote in a Saturday X post, pledging to investigate these price movements to identify the responsible parties.
Magazine: Meet the onchain crypto detectives fighting crime better than the cops
Crypto World
LayerZero Post Mortem Shows Lazarus Group Stole $290M From KelpDAO via RPC Node Compromise
North Korea’s Lazarus Group exploited a single-verifier LayerZero setup to drain $290M in rsETH on April 18 by compromising RPC infrastructure and poisoning the bridge’s data feeds.
On April 18, 2026, North Korea’s Lazarus Group (TraderTraitor unit) executed a $290M theft from KelpDAO’s rsETH bridge by compromising two LayerZero RPC nodes that feed data to the protocol’s verifier. The attacker hacked the nodes, deployed malware to feed false transaction data exclusively to LayerZero’s verifier while maintaining honest responses to monitoring systems, then DDoS’d legitimate RPC endpoints to force the verifier to rely on the poisoned nodes. Once the verifier signed off on a fabricated transaction, the bridge released $290M in unbacked rsETH before the malware self-destructed and deleted all traces.
LayerZero Labs confirmed KelpDAO used a 1-of-1 DVN (Decentralized Verifier Network) setup—a single point of failure the protocol had repeatedly warned against—limiting contagion to KelpDAO’s bridge with no reported impact on other assets. Security researchers noted the attack vector raises unanswered questions about how the attacker obtained the RPC node list and achieved root-level access to production infrastructure, suggesting either a prior unreported LayerZero compromise, a breached deployment pipeline, or insider access rather than a Kelp-side misconfiguration.
Sources: LayerZero
This article was generated automatically by The Defiant’s AI news system from publicly available sources.
Crypto World
DeFi Contagion Spreads Beyond Aave as LayerZero, Lido, Ethena Suffer Sharp Declines: Santiment
AAVE, ZRO, LDO, and ENA tokens plunged 10–22% as market repriced risk across DeFi protocols exposed to a bad debt event, with LayerZero priced as equally culpable as the originating lender.
DeFi tokens suffered steep declines over a recent window as contagion from a bad debt event spread across multiple protocols. AAVE declined 22%, LayerZero’s ZRO fell 22%, Lido’s LDO dropped 19%, Ethena’s ENA slid 13%, and Compound’s COMP lost 10%, according to Santiment. ETH remained flat over the same period, highlighting the sector-specific pressure on DeFi assets.
LayerZero, which operated the bridge connecting the affected protocols, was repriced by markets as equally culpable to Aave, which held the bad debt. Notably, Ethena—which held zero exposure to the underlying rsETH collateral—still experienced a 13% decline, suggesting contagion fears extended to protocols with no direct exposure. Compound, with only minor rsETH exposure, fell 10%, indicating cascading risk reassessment across the broader DeFi ecosystem.
Sources: Santiment
This article was generated automatically by The Defiant’s AI news system from publicly available sources.
TLDR:
- Nike stock has fallen 76% from its 2021 all-time high of $179.10, now trading between $42 and $46 per share.
- China sales are projected to drop 20% as local brands like Li-Ning capture the mid-to-high-tier footwear market.
- Converse recorded a 35% revenue plunge, reflecting Nike’s broader loss of relevance in lifestyle and streetwear segments.
- Tim Cook and Director Bob Swan purchased a combined $3.5M in Nike shares, signaling boardroom confidence at decade lows.
Nike stock has fallen to its lowest level in over a decade, trading between $42 and $46 following an April 2026 earnings shock.
The decline represents a 76% drop from its 2021 all-time high of $179.10, erasing 12 years of gains for long-term shareholders.
Meanwhile, board members are purchasing shares at these levels, creating a split between public sentiment and insider conviction.
Overseas Pressure and Brand Challenges Drive Nike’s Decline
Nike faces a projected 20% sales drop in China, one of its highest-margin markets. The shift stems from Guochao, a cultural movement among Chinese millennials and Gen Z embracing domestic brands and national identity.
Local competitor Li-Ning sold over 26 million pairs of professional running shoes last year, moving firmly into the mid-to-high-tier segment.
As Li-Ning and similar brands gain ground, Nike’s premium positioning in China is becoming harder to defend. Analyst Ali Charts observed on X, noting that Nike is “currently weathering its most significant structural challenge since 2014,” with the stock retreating to a decade-low and erasing 12 years of gains for long-term holders.
The pressure is not limited to performance footwear. Converse, Nike’s lifestyle subsidiary, recorded a 35% revenue plunge, pointing to a broader loss of cultural relevance in the casual and streetwear segments.
This decline serves as a clear signal that the market is moving away from the classic aesthetics Nike has long relied on.
In response, CEO Elliott Hill has moved to rebuild wholesale partnerships with retailers like Foot Locker and Dick’s Sporting Goods.
This shift reverses the Direct-to-Consumer strategy that previously supported Nike’s higher profit margins. While it helps clear inventory, it marks a structural retreat for the brand.
Board Members Buy Shares as Stock Hits Oversold Territory
On the technical side, Nike’s monthly RSI has reached its most oversold reading since the company went public. Historically, Nike’s corrections have ranged from 24% to 73%. The current 76.5% drawdown from its all-time high is the steepest in company history.
Ali Charts further noted that the stock appears to be in the “Anger Phase” of the market cycle. This is the period when negative news feels heaviest, often just as a price floor begins forming. The zone between $35 and $42 is being watched as a potential long-term support area.
Against this backdrop, two Nike board members made notable open-market purchases. Tim Cook, Apple’s CEO and a Nike director, bought approximately $3 million in Nike shares. Director Bob Swan added $500,000 to his position at similar price levels.
Insider purchases of this size, made during a period of broad pessimism, tend to attract attention from value-oriented investors. They suggest that those closest to the company view current challenges as correctable rather than permanent.
LayerZero has attributed the Kelp DAO exploit to North Korea’s Lazarus Group, identifying a single-point-of-failure in the protocol’s verifier setup as the technical root cause that made the attack possible.
The breach drained an estimated $292 million from Kelp DAO’s rsETH pool on April 18, marking the largest DeFi hack of 2026 to date – and sent total value locked across the DeFi sector down 7% in 24 hours to $85 billion, according to DefiLlama.
The attribution lands not as a closed finding but as a probabilistic claim: LayerZero says Lazarus is the likely perpetrator, not a confirmed one. What that distinction means for the protocol, its users, and the cross-chain security model is the question this story answers.
- Attribution source: LayerZero conducted the post-incident investigation and named North Korea’s Lazarus Group – specifically the TraderTraitor subgroup – as the likely perpetrator.
- Technical root cause: Kelp DAO operated a 1-of-1 DVN (single decentralized verifier node) setup, ignoring LayerZero’s repeated recommendations for multi-verifier redundancy.
- Exploit amount: Approximately $292 million drained from Kelp DAO’s rsETH pool; no LayerZero protocol code or private keys were compromised.
- Market impact: DeFi TVL fell 7% in 24 hours to $86 billion following the incident.
- Response: LayerZero decommissioned affected RPC nodes and restored full DVN operations; law enforcement collaboration is ongoing for fund tracing.
- Watch: Whether Kelp DAO announces a compensation mechanism and whether additional cross-chain protocols operating single-DVN configurations move to remediate before the next attack.
Discover: The best pre-launch token sales
LayerZero’s Kelp DAO Lazarus Findings: What a Single-Point Failure Actually Means in Cross-Chain Architecture
The exploit’s mechanism was multi-step and precise. Attackers poisoned the RPC infrastructure feeding LayerZero’s decentralized verifier network, then launched a DDoS attack designed to force failover to compromised backup nodes.
With the verifier network redirected, the system validated fictitious cross-chain transactions, and $292 million in rsETH exited Kelp DAO’s pool before the fraud was detected.
The critical enabler: Kelp DAO ran a 1-of-1 DVN configuration, meaning a single verifier node stood between the protocol and catastrophic failure. LayerZero had flagged this architecture as inadequate – multiple times, according to the investigation – and recommended a multi-DVN setup consistent with industry best practices for redundancy. Kelp DAO did not act on those recommendations.
A multi-DVN setup would have required attackers to compromise several independent verification nodes simultaneously, a substantially harder technical lift. The 1-of-1 setup collapsed that barrier entirely. As Ripple CTO David Schwartz put it on X: “The attack was way more sophisticated than I expected and aimed at LayerZero infrastructure taking advantage of KelpDAO laziness.”
LayerZero’s response was surgical: the team decommissioned all affected RPC nodes post-incident and fully restored DVN operations without broader contagion to other protocols using the same infrastructure. No LayerZero protocol code was compromised. No private keys were exposed. The failure was architectural, not foundational – a distinction that matters enormously for the protocol’s credibility but does nothing to recover the $292 million.
Why North Korea Attribution Changes the Threat Model for All of DeFi
LayerZero’s Lazarus Kelp DAO attribution, framed as likely, not confirmed, is consistent with an established and accelerating pattern.
The TraderTraitor subgroup, a known Lazarus operational unit, was preliminarily identified in the forensic analysis. LayerZero is actively collaborating with global law enforcement on fund tracing, suggesting the attribution carries enough evidentiary weight to involve state-level investigative resources.
Lazarus has been tied to some of the largest crypto thefts on record, including the $625 million Ronin Network hack in 2022 and a string of DeFi protocol exploits that have collectively funneled billions into DPRK’s weapons programs, according to U.S. Treasury and UN assessments.
North Korea’s crypto operations extend well beyond direct exploits – the regime has also embedded operatives inside Web3 companies under fabricated identities, a parallel track that widens the attack surface beyond infrastructure alone.
Cross-chain protocols are structurally attractive targets for this class of actor. They sit at high-value junctions between multiple chains, often carrying pooled liquidity that dwarfs any single application’s balance, and their security depends on verifier networks that can become single points of failure when misconfigured. RPC poisoning as a tactic against verifier networks represents a novel escalation – one that security researchers say is now documented and replicable.
Discover: The best crypto to diversify your portfolio with
The post LayerZero Says Lazarus Group Likely Behind Kelp DAO Exploit appeared first on Cryptonews.
Tangem Pay lets users spend USDC directly from their self-custodial Tangem wallets, settling all transactions on Polygon.
Switzerland-headquartered hardware wallet company Tangem today announced the global rollout of its retail payments product, Tangem Pay, per a press release shared exclusively with The Defiant.
The new feature lets Tangem wallet users spend stablecoin USDC anywhere where Visa is accepted, using virtual Visa cards that can be added to Apple Pay and Google Pay.
The wallet manufacturer also announced today that it is partnering with Polygon for the new product, with the blockchain providing on-chain settlement for all transactions.
As of today, Tangem Pay is available to users in the U.S. (excluding some states), Latin America, and select countries in the Asia-Pacific region. The global rollout follows an early-access phase for waitlisted users that began in November, the press release notes.
Tangem is a self-custodial hardware wallet founded in 2017. Unlike crypto hardware wallet giants Trezor and Ledger, Tangem only offers NFC-powered devices for crypto storage, which come in two forms: a card that’s about the size and shape of a bank card, as well as a wearable ring.
How It Works
To pay with Tangem Pay, users need to convert funds they want to spend into USDC first, before transacting, the firm clarifed to The Defiant. “Over time, we will expand supported assets and settlement options,” Tangem Pay CEO Marcos Nunes told The Defiant.
Currently, the wallet only lets users create virtual Visa cards that they can add to payment services like Apple Pay. But the firm plans to launch physical cards as well.
“A large part of the world still relies on physical cards, and we want to support that fully,” said Nunes. Tangem Pay’s CEO told The Defiant that the physical Visa card launch is expected this year.
Why Polygon?
Tangem said that the firm selected Polygon for its transaction speed, predictable fees, and ability to handle the high transaction volumes required for global payments. “Payments are a scale game, not a theory exercise,” Nunes told The Defiant, continuing, “You need near-zero fees, fast finality, and reliability under load. Polygon delivers that today in a way that supports real daily spending.”
Nunes also added, “We are not dogmatic about chains. This is an infrastructure decision. If something better emerges, we will adapt.”
Per the press release, Polygon will cover gas fees for users, at least for the initial rollout period. There are no fees from Tangem’s side, Nunes clarified to The Defiant. “It should feel like using money in a regular account.”
Aishwary Gupta, head of global business development at Polygon Labs, said in a statement: “With Polygon as the settlement layer, Tangem Pay makes self-custody practical for real-world spending, combining the transparency of blockchain with the speed and reliability users expect.”
Polygon is an Ethereum sidechain with $1.27 billion in total value locked in DeFi across 775 protocols, per DefiLlama. That makes it the 11th-largest chain in DeFi by TVL, while it’s currently the 4th-largest chain by 24-hour active addresses.
In January, Polygon Labs announced its acquisition of two U.S. regulated crypto companies, Coinme and Sequence, adopting their licenses and enabling Polygon’s operations as a regulated payments platform across 48 U.S. states.
Spot Bitcoin ETFs logged nearly $1 billion in weekly net inflows last week, their strongest seven-day stretch since mid-January, per CoinGlass flow data.
BlackRock’s IBIT alone absorbed $612 million of that total, confirming institutional concentration in the dominant fund. The core question now: does this flow momentum translate into durable price support, or does tactical resistance cap the rally again?
Year-to-date Bitcoin product inflows have turned positive for the first time since January, a threshold Bloomberg ETF analyst Eric Balchunas flagged as signaling “extraordinary institutional acceptance” of Bitcoin as an asset class.
Total net assets across all U.S. spot Bitcoin ETFs surpassed $101 billion by Friday’s close, with daily trading volumes approaching $4.8 billion.
- Weekly inflows: Nearly $1 billion – highest since mid-January
- IBIT dominance: BlackRock captured $612 million of total flows
- Total net assets: Surpassed $101 billion by end of week
- YTD flows: Turned positive for first time since January per Bloomberg’s Balchunas
- Global share: U.S. institutions captured 96.4% of $1.1 billion in global crypto product inflows
- ETH ETFs: $275 million net inflows; XRP ETFs added $11.75 million; Solana lost $5.6 million
Discover: The best crypto to diversify your portfolio with
What $1 Billion in Weekly Bitcoin ETFs Inflows Actually Signals
The weekly flow breakdown reveals a Friday-heavy pattern: $663.9 million hit on Friday alone, roughly two-thirds of the total, with Tuesday contributing $411.5 million and Wednesday adding $186 million. Thursday brought just $26 million, and Monday registered a $291 million outflow. That volatility in daily flows suggests opportunistic accumulation rather than a steady institutional drip.
IBIT’s $612 million weekly haul pushed its market cap to $159.22 billion, placing it among the world’s largest ETFs by assets. Fidelity’s FBTC also contributed meaningfully to inflows, while Grayscale’s GBTC continued to bleed – a split that reflects sustained conviction in lower-fee products and residual exit pressure from legacy holders.
U.S. institutions captured 96.4% of global crypto product inflows last week, absorbing $1.06 billion of a $1.1 billion global total. That concentration matters: it signals that Bitcoin demand is increasingly centralized in regulated U.S. vehicles, making ETF flow data the most reliable leading indicator for near-term BTC price direction.
If weekly inflows sustain above $750 million, BTC’s support floor around current levels strengthens materially. If flows revert toward the $200–$300 million range seen during January’s plateau, the bid thins out fast.
Ethereum spot ETFs pulled in $275 million net last week, XRP ETFs added $11.75 million, and Solana shed $5.6 million; this was selective altcoin rotation, not a broad risk-on flush.
Discover: The best pre-launch token sales
The post Spot Bitcoin ETFs Near $1 Billion in Weekly Inflows, Best Stretch Since Mid-January appeared first on Cryptonews.
Flo Skatepark gets a big welcome in new Derby venue
Jack Draper to miss Madrid and Rome tournaments with knee injury
ASUS Drop Zone Service Now Available in More Cities Across India
-
Crypto World7 days agoThe SEC Conditionalises DeFi Platforms to Be Avoided for Broker Registration
-
NewsBeat6 days agoTrump and Pope Leo: Behind their disagreement over Iran war
-
Fashion3 days agoWeekend Open Thread: Theodora Dress
-
Crypto World7 days agoSEC Signals Exemption for Crypto Interfaces From Broker Registration
-
News Videos5 days agoSecure crypto trading starts with an FIU-registered
-
Sports3 days agoNWFL Suspends Two Players Over Post-Match Clash in Ado-Ekiti
-
Crypto World6 days agoSEC Proposes Certain Crypto Interfaces Don’t Need to Register as Brokers
-
Business24 hours agoPowerball Result April 18, 2026: No Jackpot Winner in Powerball Draw: $75 Million Rolls Over
-
Crypto World3 days agoRussia Pushes Bill to Criminalize Unregistered Crypto Services
-
Politics3 days agoPalestine barred from entering Canada for FIFA Congress
-
Business4 days agoCreo Medical agree sale of its manufacturing operation
-
Politics1 day agoZack Polanski demands ‘council homes not luxury flats for foreign investors’
-
Entertainment6 days agoBrand New Day’ Footage Reveals the Devastating Impact of ‘Now Way Home’
-
Crypto World3 days agoRussia Introduces Bill To Criminalize Unregistered Crypto Services
-
Tech6 days agoMicrosoft adds Windows protections for malicious Remote Desktop files
-
Entertainment7 days agoKarol G’s ‘Ultra Raunchy’ Coachella Set Gave ‘Satanic Vibes’
-
Sports7 days agoAaron Judge says Yankees need to ‘simplify’ approach amid offensive slump
-
Crypto World7 days ago
Senate Bill Faces Delay Over Stablecoin Yield Debate
-
Entertainment7 days agoHow Babylon 5 Turned Brief Side Story Into Emotional Masterpiece
-
Tech7 days agoWhat was the first ransomware attack to demand payment in Bitcoin?
You must be logged in to post a comment Login