A $13 billion DeFi wipeout occurred over two days, beginning with the KelpDAO attack. Multiple lending and yield protocols experienced significant declines in total value locked (TVL), with some dropping by double digits. Despite the TVL losses, token prices remained relatively stable, highlighting the severity of the security breach and its impact on the DeFi ecosystem.
The AAVE DeFi protocol suffered a major exploit, causing a $7 billion drop in total value locked (TVL) and a 15% price decline. The security breach raises concerns about DeFi protocol vulnerabilities, prompting increased scrutiny from investors and developers. The incident underscores the importance of robust security measures in decentralized finance platforms to prevent future exploits.
KelpDAO, a liquid restaking protocol backed by YZi Labs, suffered a $290 million hack via LayerZero’s cross-chain bridge. LayerZero blames North Korea’s Lazarus Group and KelpDAO’s poor security practices for the exploit, which drained rsETH and risks contagion to protocols like Aave. The attack highlights security risks in cross-chain DeFi protocols.
Microsoft has issued emergency out-of-band updates to address critical issues affecting Windows Server systems following the April 2026 security patches. The fixes aim to resolve vulnerabilities that could be exploited by attackers, ensuring system stability and security for enterprise users. Microsoft recommends all affected users apply these updates immediately to mitigate risks.
Iran has labeled a recent ship attack as an act of aggression, amid escalating diplomatic tensions with the United States. The incident, which has heightened skepticism about US-Iran negotiations, threatens to hinder diplomatic progress. The rising hostility and aggressive rhetoric between the two nations are fueling concerns over potential conflicts and complicating efforts for resolution.
Amid rising geopolitical tensions, the crypto market experienced a significant $400 million liquidation on April 20, 2026. The volatility underscores the sector's sensitivity to global instability and macroeconomic shifts, reflecting how geopolitical events can trigger large-scale liquidations and impact market stability. This event highlights ongoing risks within the crypto ecosystem amid geopolitical uncertainties.
LayerZero Labs attributes the $290 million KelpDAO hack to a configuration error by KelpDAO, not a protocol flaw. The incident, linked to possible ties with North Korea’s Lazarus Group, marks a shift in investigation focus from infrastructure to application layer. The attack occurred in April 2026, highlighting ongoing security challenges in DeFi protocols.
