33 articles
Web3 WatchCertiK flagged a suspicious drain of $2.19M from Aztec Connect on Ethereum. The contract was deprecated three years ago and cannot be paused or upgraded by anyone.
Web3 WatchRaydium's treasury will cover roughly $1.34 million drained from five legacy pools in a defunct program phased out since 2021, after an attacker bypassed LP mint checks.
Web3 WatchFluid's off-chain reward infrastructure was drained on May 27. Four days passed before users knew. What followed was not just a hack disclosure but a quiet $100 million confidence crisis.
Web3 WatchGravity Bridge lost $5.4M after attackers poisoned validators into signing away their own power. Here is exactly how it unfolded.
Web3 WatchStake DAO suffers active exploit on Arbitrum after deployer key compromise. Attacker mints 5.4T vsdCRV, swaps for ETH. Curve warns LlamaLend users to exit now.
Web3 WatchCommonHub Brussels lost its entire €110,000 community treasury on May 25 after attackers drained its SAFE multisig wallet — exploiting signing keys that should have been removed months earlier.
Web3 Watch86 Gnosis Safe wallets lost $3.2M in under two hours on May 25. The attacker couldn't just transfer funds. The module's permissions only allowed Uniswap V3 swaps, so they engineered a fake pool to drain instead.
editorial-picksBlockchain security firm Blockaid flagged the attack live. The attacker minted 8.35M USDR and 4.5M EURR with no collateral, then swapped them on DEXes for 1,115 ETH. StablR holds a Malta EMI license and had received investment from Tether.
Web3 WatchTHORChain node operators are voting on ADR-028 following a May 15 vault exploit that drained $10.7M. The plan uses protocol-owned liquidity first, protects innocent nodes, and avoids minting new RUNE.