Hackers Now Steal DeFi Keys Before Code Ships
A new malware campaign hits crypto developers upstream, lifting GitHub tokens, SSH keys, and wallets so attackers own the build before a protocol ever goes live.
Every Zipp story tagged #Exploits, newest first.
A new malware campaign hits crypto developers upstream, lifting GitHub tokens, SSH keys, and wallets so attackers own the build before a protocol ever goes live.
Binance Research said April DeFi exploits triggered roughly $13 billion in outflows, sharply compressing total value…
A single deployer-key compromise on Arbitrum let an attacker forge 5.4 trillion vsdCRV — but the structural read is that automated yield vaults bundle risks the interface never shows, and April 2026…
OpenZeppelin's CEO says coding agents have flipped the asymmetry on smart contract security — and $1.1B in 12-month hack losses plus a $20B+ TVL drop make the warning impossible to wave off.
When the lead author of the contracts the space audits itself against tells you to leave Aave, MakerDAO, and Compound too, the warning is structural — not protocol-specific.
Socket's TrapDoor disclosure named 34+ malicious packages across npm, PyPI and Crates.io targeting developer machines, CI/CD credentials and AI coding files — the control plane a smart-contract audit…
A 1,000 $eBTC mint for free, a cross-chain bridge hit, and a THORChain swap drain — the pattern of cheap, repeatable exploits is what should worry protocols running live TVL.
The record counts both raw dollars and incident count, and the dollar figure only excludes the February 2025 Bybit event — context that frames the month as the worst stretch for protocol security…
Five months after a ~$120M exploit, the Balancer attacker is back on-chain, swapping 1,100 ETH into BTC through THORChain's cross-chain router in under an hour.