Arbitrum's Security Council has frozen 30,766 ETH, worth around $71 million, linked to the Kelp DAO rsETH exploit on April 21, 2026. The breach involved a $292 million attack exploiting LayerZero-powered bridge vulnerabilities. The frozen funds are held in a secure wallet, accessible only through further governance decisions, aiming to prevent further misuse of stolen assets.
LayerZero faced criticism after a $290 million hack of KelpDAO, blamed on a compromised verifier configuration. The attack, linked to North Korea’s Lazarus Group, exploited weaknesses in LayerZero’s cross-chain bridge. Despite claims of a “highly sophisticated attack,” the incident raised concerns about the security of LayerZero’s decentralized verifier networks, just weeks after Drift Protocol’s $285 million breach.
Gunvor has warned that a three-month closure of the Strait of Hormuz could significantly increase global recession risks, potentially worsening economic vulnerabilities worldwide. The company’s statement highlights the critical importance of the strait for global trade and energy supplies, emphasizing that prolonged closure could have severe economic repercussions, including heightened recession threats.
Israeli reservists were wounded by a Hezbollah missile despite a ceasefire agreement, highlighting ongoing security risks in the region. The attack, which occurred in April 2026, underscores the fragility of ceasefire deals and could impact regional stability and peace efforts. The incident raises concerns about security vulnerabilities amid ongoing tensions between Israel and Hezbollah.
Hackers stole 116,500 rsETH tokens worth $292 million from Kelp DAO’s LayerZero bridge on April 18. They used the stolen tokens as collateral on Aave V3 to borrow wrapped Ether. Aave’s risk managers outlined two bad debt scenarios: $123.7 million or $230.1 million, causing a crisis for Kelp DAO and LayerZero.
On April 18, a Justin Sun-linked wallet withdrew 274 million USDT from Aave shortly after the protocol froze its rsETH markets following the KelpDAO exploit. The withdrawal occurred just 21 minutes after the freeze, raising concerns about potential security and liquidity issues linked to the wallet. This incident highlights ongoing risks in DeFi security and asset management.
Ripple aims to make the XRP Ledger quantum-resistant by 2028, unveiling a four-phase plan. Phase 1 includes an emergency "Q-Day" migration to quantum-safe accounts, while Phase 2, underway, involves a vulnerability assessment expected to finish in the first half of 2026. Ripple has partnered with quantum security firm Project Eleven to accelerate this security upgrade.
