• KelpDAO $290m LayerZero bridge exploit.

• Aave freezes WETH and LST markets.

• Fluid aWETH Redemption Protocol.

• LayerZero RPC-poisoning attack.

• Eth.limo suffers nameserver hijack.

Lido Earn lets you deploy ETH or stablecoins into curated DeFi strategies for optimised yield. Two vaults, daily rewards, automatic compounding, and first-loss protection. Get started on stake.lido.fi/earn

Notice - April 20, 2026: EarnETH has direct exposure to rsETH.

KelpDAO suffered a $290 million exploit involving its LayerZero-powered cross-chain bridge. An attacker released 116,500 rsETH from the bridge contract on Ethereum mainnet without a corresponding burn on L2, representing roughly 18% of the rsETH circulating supply. The funds were used as collateral across Aave V3, Compound V3, and Euler to borrow an estimated $236 million in WETH. Read more →

Large depositors, including Justin Sun and MEXC, withdrew millions from Aave in the hours following the KelpDAO exploit. Aave disabled rsETH markets on V3 and V4, disabled WETH markets across Ethereum, Arbitrum, Base, Mantle, and Linea, and disabled borrowing on all LST and LRT collateral types. Aave's TVL has fallen by $8.4 billion since the rsETH exploit. Read more →

Fluid launched the aWETH Redemption Protocol, allowing Aave lenders to swap aWETH collateral for wstETH or weETH at a cost of approximately 2%. Fluid is able to offer the service because it operates a leveraged looping vault holding $144 million in Aave positions that it is looking to unwind. The solution currently only supports swaps on Ethereum mainnet. Read more →

LayerZero published a statement claiming the exploit stemmed from a sophisticated RPC-poisoning attack and attributed the incident to the TraderTraitor subgroup of North Korea's Lazarus Group. LayerZero Labs placed responsibility on KelpDAO's 1-of-1 DVN configuration and stated it will no longer support single-DVN setups. Read more →

Eth.limo, a Web2 gateway that enables ENS domains to be accessed over HTTPS, suffered a domain hijack on April 17, 2026. An attacker tricked the DNS registrar EasyDNS into carrying out a fraudulent account recovery, though DNSSEC contained an attack. Eth.limo plans to migrate to Domainsure, which eliminates account recovery options. Read more →

• Bitmine buys 101k ETH

• CoinCenter report on code is speech

• ENS IPFS hosted apps

• L2Beat interactive interop page

• Vercel suffers a data breach

• 26 protocols paused OFT

• Solidity survey results

• Privacy Cash live on Base

• Base agent market

Disclaimer: Content is for informational purposes only, not endorsement or investment advice. The accuracy of information is not guaranteed.