Balancer DAO Releases Post-Mortem on $100 Million V2 Stable Pool Exploit
The decentralized finance ecosystem suffered one of its most significant security breaches in late 2025 when Balancer DAO disclosed a […]
Security
Securing Your DeFi Portfolio Against Legacy Smart Contract Vulnerabilities
The December 16, 2025 exploit of Yearn Finance’s legacy iEarn TUSD contract, which saw $300,000 drained through flash loan manipulation,
Yearn Finance V1 TUSD Vault Drained for $300K in Flash Loan Exploit
Yearn Finance’s legacy V1 infrastructure fell victim to a sophisticated flash loan attack on December 16, 2025, resulting in a
SoundCloud Data Breach Exposes Member Records: What Crypto Platforms Must Learn About Third-Party Risk
On December 15, 2025, SoundCloud confirmed a significant data breach after member data was stolen and VPN access was disrupted
EtherRAT Malware Hijacks Ethereum Smart Contracts for Stealth Command-and-Control Operations
Security researchers have uncovered a sophisticated new malware strain that uses Ethereum smart contracts as a command-and-control infrastructure, marking a
Mars Protocol Architecture Exploit Exposes $973K Gap in Perpetual Market Design
On December 14, 2025, Mars Protocol’s deployment on the Neutron blockchain suffered a sophisticated $973,000 exploit targeting its Perpetual Markets.
Aevo Oracle Upgrade Opens Door to $2.7 Million Ribbon Vault Drain
Decentralized exchange Aevo, formerly known as Ribbon Finance, has confirmed a $2.7 million exploit targeting its legacy Decentralized Options Vaults
Oracle Upgrades and Access Control: Security Takeaways From the $2.7M Ribbon Finance Exploit
On December 12, 2025, security researchers confirmed that legacy Ribbon Finance vaults operating under the Aevo brand lost approximately $2.7
React CVE-2025-55182 Weaponized in Mass Crypto Wallet Drainer Campaign
Cryptocurrency users and platform operators face an escalating threat as cybercriminals actively exploit a critical React vulnerability to inject wallet-draining
Securing Crypto Platforms Against Framework-Level Attacks: Lessons From the React2Shell Crisis
The React2Shell vulnerability (CVE-2025-55182) has forced the crypto industry to confront uncomfortable truths about its security posture. As CISA’s emergency