{
  "name": "ZeroDay Dev Exploit-Data",
  "description": "Machine-readable catalog of exploit incidents and CVE learning references included in ZeroDay Dev.",
  "entryCount": 172,
  "generatedAt": "2026-05-13",
  "sourceRepo": "ZeroDay-Dev",
  "sourceFile": "snippets/real_world_exploits_index.json",
  "sourceCommit": "cbe4271",
  "entries": [
    {
      "title": "0ktapus, Twilio and Cloudflare SMS phishing",
      "summary": "SMS phishing campaign used a real-time relay kit to capture and forward TOTP codes, compromising Twilio and 136 companies. Cloudflare blocked it with FIDO2 hardware keys.",
      "type": "incident",
      "sortKey": "0ktapus, twilio and cloudflare sms phishing",
      "date": "Aug 2022",
      "amount": "Unknown"
    },
    {
      "title": "1inch Fusion V1 Settlement",
      "summary": "Integer underflow in Yul pointer arithmetic corrupted calldata suffix handling and enabled unauthorized resolver execution.",
      "type": "incident",
      "sortKey": "1inch fusion v1 settlement",
      "date": "2025-03",
      "amount": "$5M"
    },
    {
      "title": "Aave + CoW Swap",
      "summary": "A large fill-or-kill aUSDT->aAAVE swap executed at extreme price impact after quote-quality degradation, solver non-delivery, and auction-path failures.",
      "type": "incident",
      "sortKey": "aave + cow swap",
      "date": "2026-03",
      "amount": "~$50M\u2192$36K"
    },
    {
      "title": "Aave wstETH CAPO",
      "summary": "~$26M wrongful liquidations (Mar 2026). snapshotRatio vs snapshotTimestamp misalignment.",
      "type": "incident",
      "sortKey": "aave wsteth capo",
      "date": "Mar 2026",
      "amount": "$26M"
    },
    {
      "title": "Abracadabra",
      "summary": "Attackers used flash loans to inflate collateral values, then exploited rounding truncation in the lending contract's LTV calculation to over-borrow MIM stablecoin.",
      "type": "incident",
      "sortKey": "abracadabra",
      "date": "2025-10",
      "amount": "~$13M"
    },
    {
      "title": "ALEX Protocol",
      "summary": "ALEX Protocol on Stacks (Bitcoin L2) lost $8.3M when an attacker exploited missing authorization checks in the vault permission system, bypassing intended access controls.",
      "type": "incident",
      "sortKey": "alex protocol",
      "date": "2025-06",
      "amount": "~$8.3M"
    },
    {
      "title": "Alpha Homora / Iron Bank",
      "summary": "A cross-protocol integration weakness between Alpha Homora and Iron Bank enabled recursive borrowing and bad debt.",
      "type": "incident",
      "sortKey": "alpha homora / iron bank",
      "date": "2021-02",
      "amount": "$37M"
    },
    {
      "title": "Ankr/Helio",
      "summary": "A compromised Ankr deployer key enabled minting 6T aBNBc tokens. The market price crashed but Helio\u2019s oracle remained at the pre-dump level. Attackers bought cheap aBNBc, posted it at the stale price as collateral, and borrowed $10M in HAY stablecoin.",
      "type": "incident",
      "sortKey": "ankr/helio",
      "date": "2022-12",
      "amount": "$15M"
    },
    {
      "title": "Aperture Finance",
      "summary": "LP position management contract's internal swap helper accepted user-controlled call target and calldata without whitelist; attacker passed WBTC contract as target and forged transferFrom calldata to drain victim approvals including ERC-721 LP NFTs.",
      "type": "incident",
      "sortKey": "aperture finance",
      "date": "2026-01",
      "amount": "~$3.7M"
    },
    {
      "title": "Axios npm Supply Chain",
      "summary": "Attackers compromised the axios lead maintainer's PC via a multi-week social engineering campaign and RAT malware. Using the stolen npm credentials they published axios@1.14.1 and 0.30.4 with a poisoned dependency, plain-crypto-js@4.2.1. A postinstall hook in setup.js deployed a cross-platform remote access trojan that harvested environment variables and CI/CD secrets, contacting C2 at sfrclak.com:8000 (142.11.206.73). The malicious versions were live for ~3 hours before the npm team removed them after community escalation.",
      "type": "incident",
      "sortKey": "axios npm supply chain",
      "date": "2026-03",
      "amount": "Unknown"
    },
    {
      "title": "BadgerDAO Frontend Compromise",
      "summary": "Attackers compromised frontend dependencies and injected malicious transaction flows. Users signed approvals to attacker-controlled spenders via trusted UI paths.",
      "type": "incident",
      "sortKey": "badgerdao frontend compromise",
      "date": "2021-12",
      "amount": "$120M"
    },
    {
      "title": "Balancer v2",
      "summary": "Composable Stable Pools undercharged exact-out swaps because _upscale always rounded down even after scaling factors began incorporating rate-provider values. Attackers used BPT-as-a-token exitSwaps and batchSwap net settlement to push pools into low liquidity, deflate the stable invariant, and later withdraw Vault internal balances.",
      "type": "incident",
      "sortKey": "balancer v2",
      "date": "2025-11",
      "amount": "$121.1M"
    },
    {
      "title": "Base USDC",
      "summary": "malicious spender approvals drained funds (Jan 2026).",
      "type": "incident",
      "sortKey": "base usdc",
      "date": "Jan 2026",
      "amount": "Unknown"
    },
    {
      "title": "BCE Token",
      "summary": "BCE token on BNB Chain embedded IUniswapV2Pair(pair).sync() inside its _transfer burn logic; the attacker deployed two fresh contracts (not in the static address blacklist) and routed BCE sells through PancakeRouter - each sell triggered a burn that called sync() mid-swap, corrupting the BCE-USDT pair reserve accounting. With the k invariant lowered, the attacker extracted ~$679K USDT in one transaction.",
      "type": "incident",
      "sortKey": "bce token",
      "date": "2025-03",
      "amount": "~$679K"
    },
    {
      "title": "Beanstalk",
      "summary": "~$76M drained (Apr 2022). Flash-loan governance takeover; emergencyCommit in same block.",
      "type": "incident",
      "sortKey": "beanstalk",
      "date": "Apr 2022",
      "amount": "$182M"
    },
    {
      "title": "BNB Bridge (Token Hub)",
      "summary": "A verification flaw let attackers submit crafted proofs that bypassed intended bridge checks. The bridge minted assets that were not properly backed by source-chain state.",
      "type": "incident",
      "sortKey": "bnb bridge (token hub)",
      "date": "2022-10",
      "amount": "$566M"
    },
    {
      "title": "BonqDAO",
      "summary": "Manipulated collateral pricing enabled under-collateralized borrowing and protocol insolvency. Losses propagated through dependent debt positions.",
      "type": "incident",
      "sortKey": "bonqdao",
      "date": "2023-02",
      "amount": "$120M"
    },
    {
      "title": "British Airways (Magecart)",
      "summary": "Compromised third-party script execution in checkout context enabled card-skimming JavaScript to exfiltrate payment data in-browser.",
      "type": "incident",
      "sortKey": "british airways (magecart)",
      "date": "Sep 2018",
      "amount": "Unknown"
    },
    {
      "title": "Bunni V2",
      "summary": "rounding down in withdraw under-burned shares; 44 tiny withdrawals + sandwich drained ~$8.3M (Sep 2025).",
      "type": "incident",
      "sortKey": "bunni v2",
      "date": "Sep 2025",
      "amount": "$8.3M"
    },
    {
      "title": "Bybit",
      "summary": "A signing-flow/UI spoofing attack enabled approval of malicious payloads while presenting benign transaction context to signers.",
      "type": "incident",
      "sortKey": "bybit",
      "date": "2025-02",
      "amount": "$1.5B"
    },
    {
      "title": "bZx Fulcrum",
      "summary": "Two February 2020 incidents on Ethereum mainnet. Feb 15: dYdX flash loan \u2192 Compound WBTC hoard \u2192 bZx 5x margin short via Kyber/Uniswap moved WBTC spot; a margin health check was skipped when loadDataBytes was empty and sentAmounts[6] equaled sentAmounts[1], so an undercollateralized position was opened and value leaked. Feb 18: flash loan from bZx iETH; attacker pushed sUSD price on Kyber then borrowed ~6.8k ETH against mispriced collateral.",
      "type": "incident",
      "sortKey": "bzx fulcrum",
      "date": "Feb 2020",
      "amount": "~$918K"
    },
    {
      "title": "Capital One",
      "summary": "The 2019 Capital One breach: server-side URL fetchers accepted attacker-controlled targets, enabling access to cloud metadata credentials and large-scale data theft.",
      "type": "incident",
      "sortKey": "capital one",
      "date": "",
      "amount": "Unknown"
    },
    {
      "title": "Cashio",
      "summary": "Cashio's CASH minting logic validated the collateral type inside the passed arrow account but never verified that arrow was owned by the Cashio program. Attacker created a fake arrow pointing to a worthless token, passed it to the mint instruction, and minted over 2 billion CASH tokens immediately swapped for USDC, USDT, and UST.",
      "type": "incident",
      "sortKey": "cashio",
      "date": "2022-03",
      "amount": "~$52.8M"
    },
    {
      "title": "Cetus Protocol",
      "summary": "$223M drained (May 2025, Sui). Incorrect overflow guard in checked_shlw corrupted add-liquidity token-delta.",
      "type": "incident",
      "sortKey": "cetus protocol",
      "date": "May 2025",
      "amount": "$223M"
    },
    {
      "title": "Change Healthcare, ALPHV/BlackCat",
      "summary": "ALPHV gained initial access via stolen credentials on a Citrix gateway with MFA disabled, then moved laterally to exfiltrate 6\u20138 TB of medical records for 190 million Americans.",
      "type": "incident",
      "sortKey": "change healthcare, alphv/blackcat",
      "date": "Feb 2024",
      "amount": "$22M"
    },
    {
      "title": "CircleCI incident",
      "summary": "Malware on a CircleCI engineer's laptop stole a 2FA-backed SSO session cookie with a 30-day lifetime, providing persistent production access and enabling extraction of encryption keys from live process memory.",
      "type": "incident",
      "sortKey": "circleci incident",
      "date": "Jan 2023",
      "amount": "Unknown"
    },
    {
      "title": "Cisco Catalyst SD-WAN Manager (Mar-Apr 2026 API chain, CVE-2026-20122/20128/20133)",
      "summary": "Cisco disclosed active exploitation across multiple SD-WAN Manager API flaws in March and April 2026. The set included unauthenticated information disclosure bugs (CVE-2026-20128 and CVE-2026-20133) and an authenticated arbitrary file overwrite bug (CVE-2026-20122) that could elevate a read-only API user to vManage privileges.",
      "type": "cve",
      "sortKey": "cisco catalyst sd-wan manager (mar-apr 2026 api chain, cve-2026-20122/20128/20133)",
      "date": "2026-04",
      "amount": "Unknown"
    },
    {
      "title": "CitrixBleed (CVE-2023-4966)",
      "summary": "A buffer overread in Citrix NetScaler ADC and Gateway leaked authenticated session tokens from heap memory. Unauthenticated attackers replayed tokens to bypass MFA and gain full access to enterprise networks.",
      "type": "cve",
      "sortKey": "citrixbleed (cve-2023-4966)",
      "date": "Oct 2023",
      "amount": "Unknown"
    },
    {
      "title": "Coinbase Data Breach",
      "summary": "Company insiders were bribed to export sensitive customer information including names, contact data, and partial account details, enabling downstream social engineering attacks.",
      "type": "incident",
      "sortKey": "coinbase data breach",
      "date": "2025-05",
      "amount": "~$8M"
    },
    {
      "title": "CoinsPaid",
      "summary": "CoinsPaid lost $37.3M after a months-long social-engineering campaign culminated in an employee executing malware from a fake hiring workflow. Attackers gained workstation and infrastructure access before withdrawing operational funds.",
      "type": "incident",
      "sortKey": "coinspaid",
      "date": "Jul 2023",
      "amount": "$37.3M"
    },
    {
      "title": "Compound COMP Distribution Bug",
      "summary": "A Compound governance upgrade introduced an off-by-one error in COMP distribution, letting users claim excess rewards. Because protocol changes require a 2-day governance timelock, the emergency patch could not be deployed immediately.",
      "type": "incident",
      "sortKey": "compound comp distribution bug",
      "date": "2021-09",
      "amount": "$70M"
    },
    {
      "title": "Compound Proposal 289",
      "summary": "Compound Proposal 289, July 2024. 499,000 COMP (~$24M) transferred to 'Golden Boys' unmonitored multisig via legitimate governance vote.",
      "type": "incident",
      "sortKey": "compound proposal 289",
      "date": "July 2024",
      "amount": "$24M"
    },
    {
      "title": "Confluence RCE (CVE-2021-26084)",
      "summary": "Atlassian Confluence's WebWork MVC layer evaluated OGNL expressions from unauthenticated HTTP request parameters. Mass exploitation began within days of disclosure, deploying cryptominers and web shells across internet-facing Confluence instances.",
      "type": "cve",
      "sortKey": "confluence rce (cve-2021-26084)",
      "date": "Aug 2021",
      "amount": "Unknown"
    },
    {
      "title": "cPanel & WHM (CVE-2026-41940)",
      "summary": "A crafted Basic auth header with CRLF bytes injected attacker-controlled keys into cPanel's raw session file. Because the loader preferred JSON cache state, the forged lines only became authoritative after cache promotion, enabling management-plane authentication bypass.",
      "type": "cve",
      "sortKey": "cpanel & whm (cve-2026-41940)",
      "date": "2026-04",
      "amount": "Unknown"
    },
    {
      "title": "Cream Finance",
      "summary": "Oracle relied on yVault pricePerShare() which could be manipulated by reducing share supply. Attacker inflated collateral valuation to borrow all available liquidity.",
      "type": "incident",
      "sortKey": "cream finance",
      "date": "2021-10",
      "amount": "$130M"
    },
    {
      "title": "Crema Finance",
      "summary": "Crema Finance's concentrated liquidity Claim instruction read fee accumulator fields from the caller-supplied tick account without verifying it was a valid PDA owned by the Crema program. Attacker constructed a fake tick account with maximally inflated fee data, injected it alongside a Solend flash loan, and claimed the entire pool's reserves as phantom fees.",
      "type": "incident",
      "sortKey": "crema finance",
      "date": "2022-07",
      "amount": "~$8.8M"
    },
    {
      "title": "CrossCurve / Portal",
      "summary": "Unrestricted express execution and weak threshold assumptions enabled unauthorized cross-chain actions.",
      "type": "incident",
      "sortKey": "crosscurve / portal",
      "date": "2026-02",
      "amount": "$1.7M"
    },
    {
      "title": "Curve/Vyper reentrancy lock bug",
      "summary": "A compiler-level reentrancy lock issue impacted multiple Curve pools and downstream integrators. Attackers exploited callback windows and inconsistent lock behavior during liquidity operations.",
      "type": "incident",
      "sortKey": "curve/vyper reentrancy lock bug",
      "date": "2023-07",
      "amount": "$60M+"
    },
    {
      "title": "CVE-2016-5195",
      "summary": "Dirty COW was a Linux kernel race condition that let an unprivileged local process write to read-only mappings and escalate to root privileges on affected systems.",
      "type": "cve",
      "date": "2016",
      "amount": "N/A",
      "sortKey": "cve-2016-5195"
    },
    {
      "title": "CVE-2017-0144",
      "summary": "EternalBlue was the SMBv1 remote code execution flaw later weaponized by WannaCry, allowing wormable compromise of unpatched Windows systems over the network.",
      "type": "cve",
      "date": "2017",
      "amount": "N/A",
      "sortKey": "cve-2017-0144"
    },
    {
      "title": "CVE-2021-41773",
      "summary": "An Apache HTTP Server path traversal flaw could expose files outside the document root and, in some configurations, lead to remote code execution through CGI paths.",
      "type": "cve",
      "date": "2021",
      "amount": "N/A",
      "sortKey": "cve-2021-41773"
    },
    {
      "title": "CVE-2023-30541",
      "summary": "This OpenZeppelin proxy selector-clash issue highlighted how overlapping admin and implementation selectors can route privileged calls incorrectly without transparent-proxy safeguards.",
      "type": "cve",
      "date": "2023",
      "amount": "N/A",
      "sortKey": "cve-2023-30541"
    },
    {
      "title": "CVE-2023-42462",
      "summary": "A Vyper compiler bug broke expected nonreentrancy protections by generating incorrect storage locking behavior, contributing to reentrancy risk in affected contracts.",
      "type": "cve",
      "date": "2023",
      "amount": "N/A",
      "sortKey": "cve-2023-42462"
    },
    {
      "title": "Cyberhaven Chrome Extension",
      "summary": "On December 24, 2024, an attacker phished a Cyberhaven employee into authorizing a malicious OAuth application named 'Privacy Policy Extension', granting Chrome Web Store admin access. The attacker published v24.10.4 with modified worker.js (C2 communication to cyberhavenext.pro) and a new content.js (DOM monitoring and cookie exfiltration). Approximately 400K browsers auto-updated between Dec 25 01:32 UTC and Dec 26 02:50 UTC. Primary targets were Facebook advertising credentials and authenticated sessions.",
      "type": "incident",
      "sortKey": "cyberhaven chrome extension",
      "date": "2024-12",
      "amount": "Unknown"
    },
    {
      "title": "DBXen",
      "summary": "Authorization logic mixed `msg.sender` and `_msgSender()` with forwarder semantics, enabling permission confusion.",
      "type": "incident",
      "sortKey": "dbxen",
      "date": "2026-03",
      "amount": "$135K"
    },
    {
      "title": "DEXX",
      "summary": "DEXX operated as a custodial Solana trading terminal, holding user private keys server-side. Private keys were transmitted in plaintext in export_wallet API responses. A server-side breach or traffic interception gave the attacker signing keys for 8,620+ wallets, which were drained of ~$30M in assets.",
      "type": "incident",
      "sortKey": "dexx",
      "date": "2024-11",
      "amount": "~$30M"
    },
    {
      "title": "dForce (Lendf.Me)",
      "summary": "Lendf.Me called transferFrom before recording the deposit. imBTC (ERC-777) fired tokensReceived on the contract during transfer, allowing the attacker to re-enter supply() and inflate their credited balance before it was written.",
      "type": "incident",
      "sortKey": "dforce (lendf.me)",
      "date": "2020-04",
      "amount": "$25M"
    },
    {
      "title": "DMM Bitcoin",
      "summary": "An unauthorized outflow of 4,502.9 BTC (~$305M) left DMM Bitcoin in May 2024. The operator did not publicly confirm the exact intrusion path, but the incident is widely treated as a likely hot-wallet or signing-authority compromise.",
      "type": "incident",
      "sortKey": "dmm bitcoin",
      "date": "May 2024",
      "amount": "$305M"
    },
    {
      "title": "Drift Protocol",
      "summary": "Citrine Sleet (UNC4736, DPRK - same group as the October 2024 Radiant Capital hack) conducted a 6-month intelligence operation: fake quantitative trading firm, in-person contact at multiple crypto conferences across multiple countries, $1M Ecosystem Vault deposit to build trust, device compromise via a malicious code repository exploiting a VSCode/Cursor zero-click vulnerability and a TestFlight wallet app. Two of five Security Council members were induced to pre-sign governance transactions using Solana's durable nonce feature. On April 1, 2026, the attacker executed the pre-signed transactions to seize admin control, listed a fake CVT collateral market with a manipulated oracle, removed withdrawal limits, and drained ~$285M in 31 withdrawals over 12 minutes.",
      "type": "incident",
      "sortKey": "drift protocol",
      "date": "2026-04",
      "amount": "~$285M"
    },
    {
      "title": "Equifax Data Breach",
      "summary": "Attackers exploited Apache Struts 2 OGNL injection (CVE-2017-5638) in an internet-facing Equifax dispute portal. A crafted Content-Type header achieved remote code execution on a system that should have been patched months earlier.",
      "type": "incident",
      "sortKey": "equifax data breach",
      "date": "Sep 2017",
      "amount": "Unknown"
    },
    {
      "title": "Euler Finance",
      "summary": "Donation of eTokens reduced collateral without a liquidity check, enabling engineered liquidation profit.",
      "type": "incident",
      "sortKey": "euler finance",
      "date": "2023-03",
      "amount": "$197M"
    },
    {
      "title": "Follina (CVE-2022-30190)",
      "summary": "A malicious Office document invoked the ms-msdt:// URI protocol handler via an external OLE relationship, triggering Microsoft Support Diagnostic Tool to execute attacker-supplied PowerShell without any macro enablement \u2014 exploitable via Preview Pane in some configurations.",
      "type": "cve",
      "sortKey": "follina (cve-2022-30190)",
      "date": "May 2022",
      "amount": "Unknown"
    },
    {
      "title": "FoomLottery",
      "summary": "~$1.1M at risk (Feb 2026). Whitehat rescue; same Groth16 verifier flaw as VeilCash.",
      "type": "incident",
      "sortKey": "foomlottery",
      "date": "Feb 2026",
      "amount": "$1.1M"
    },
    {
      "title": "FortiClient EMS SQL Injection (CVE-2026-21643)",
      "summary": "CVE-2026-21643 is an actively exploited SQL injection flaw in Fortinet FortiClient EMS. Reports indicate the `/api/v1/init_consts` path trusted an attacker-controlled `Site` header, allowing unauthenticated database manipulation and follow-on command or code execution on the management server.",
      "type": "cve",
      "sortKey": "forticlient ems sql injection (cve-2026-21643)",
      "date": "2026-04",
      "amount": "Unknown"
    },
    {
      "title": "Fortinet FortiClient EMS",
      "summary": "CVE-2026-35616 was an actively exploited improper access control flaw in FortiClient EMS that let unauthenticated attackers send crafted API requests to bypass authentication and authorization checks, enabling unauthorized code or command execution on the management server. For crypto firms, compromise of an endpoint-management plane can become a pivot into operator workstations, VPN access, and custody-adjacent infrastructure.",
      "type": "incident",
      "sortKey": "fortinet forticlient ems",
      "date": "2026-04",
      "amount": "Unknown"
    },
    {
      "title": "Furucombo",
      "summary": "Attacker registered a cube pointing to Aave v2\u2019s implementation. Furucombo\u2019s proxy delegatecall\u2019d into it, executing Aave code in the proxy\u2019s storage context. Because the proxy held infinite user approvals, the attacker drained them via transferFrom.",
      "type": "incident",
      "sortKey": "furucombo",
      "date": "2021-02",
      "amount": "$14M"
    },
    {
      "title": "Fuse",
      "summary": "oracle manipulation drained overvalued collateral (Jan 2023).",
      "type": "incident",
      "sortKey": "fuse",
      "date": "Jan 2023",
      "amount": "Unknown"
    },
    {
      "title": "FutureSwap",
      "summary": "433K USD drained (Jan 2026). Unit mismatch in calculations.",
      "type": "incident",
      "sortKey": "futureswap",
      "date": "Jan 2026",
      "amount": "Unknown"
    },
    {
      "title": "Gala Games",
      "summary": "Legacy/deployer authority compromise allowed unauthorized minting and market disruption.",
      "type": "incident",
      "sortKey": "gala games",
      "date": "2024-05",
      "amount": "$216M"
    },
    {
      "title": "GMX",
      "summary": "share price manipulation (Jul 2025).",
      "type": "incident",
      "sortKey": "gmx",
      "date": "Jul 2025",
      "amount": "Unknown"
    },
    {
      "title": "Grok Bankrbot Morse-Code Prompt Injection",
      "summary": "An attacker posted Morse code to X, Grok decoded it, and Bankrbot treated the decoded text as an authorized transfer instruction, moving 3 billion DRB from a verified wallet on Base.",
      "type": "incident",
      "sortKey": "grok bankrbot morse-code prompt injection",
      "date": "2026-05",
      "amount": "~$200K"
    },
    {
      "title": "Harmony Horizon Bridge",
      "summary": "Attacker obtained enough validator keys to satisfy bridge withdrawal threshold. Once signatures were forged, funds were released as if legitimate.",
      "type": "incident",
      "sortKey": "harmony horizon bridge",
      "date": "2022-06",
      "amount": "$100M"
    },
    {
      "title": "Harvest Finance",
      "summary": "Attackers used flash loans and rapid Curve pool imbalances to exploit Harvest vault share accounting assumptions.",
      "type": "incident",
      "sortKey": "harvest finance",
      "date": "2020-10",
      "amount": "$24M"
    },
    {
      "title": "Heartbleed (CVE-2014-0160)",
      "summary": "CVE-2014-0160 (Apr 2014): The TLS heartbeat extension lets a client send a 'payload' with a claimed length up to 64 KB. OpenSSL copied that many bytes from server memory using the attacker-supplied length, without checking whether that many bytes were actually received. One request could silently return 64 KB of heap - private keys, session tokens, passwords - with no server-side log entry and no connection state needed.",
      "type": "cve",
      "sortKey": "heartbleed (cve-2014-0160)",
      "date": "Apr 2014",
      "amount": "Unknown"
    },
    {
      "title": "Hegic",
      "summary": "Withdrawal state was not marked consumed per position/tranche, allowing repeated withdrawals against the same entitlement.",
      "type": "incident",
      "sortKey": "hegic",
      "date": "2025-01",
      "amount": "~$60K"
    },
    {
      "title": "HTX / Heco",
      "summary": "Compromised bridge/wallet custody controls enabled high-value unauthorized transfers.",
      "type": "incident",
      "sortKey": "htx / heco",
      "date": "2023-11",
      "amount": "$258M"
    },
    {
      "title": "Hundred Finance",
      "summary": "A forked lending implementation inherited fragile accounting behavior under edge conditions. Attackers exploited the gap between assumed and actual solvency calculations.",
      "type": "incident",
      "sortKey": "hundred finance",
      "date": "2023-04",
      "amount": "$7M"
    },
    {
      "title": "Hyperbridge",
      "summary": "A forged MMR-based cross-chain request exploited proof verification edge cases and missing trust-boundary hardening, letting the attacker seize bridged DOT mint authority on Ethereum, mint 1B unbacked tokens, and extract about 108.2 ETH.",
      "type": "incident",
      "sortKey": "hyperbridge",
      "date": "2026-04",
      "amount": "~$237K"
    },
    {
      "title": "imBTC Uniswap V1 Reentrancy",
      "summary": "777 tokensToSend hook, April 2020.",
      "type": "incident",
      "sortKey": "imbtc uniswap v1 reentrancy",
      "date": "April 2020",
      "amount": "Unknown"
    },
    {
      "title": "Indexed Finance",
      "summary": "The pool pricing/share invariant was broken via token balance manipulation and flash liquidity, enabling underpriced withdrawals.",
      "type": "incident",
      "sortKey": "indexed finance",
      "date": "2021-10",
      "amount": "~$50K"
    },
    {
      "title": "Infini",
      "summary": "Stablecoin neobank Infini lost $49.5M when an address with developer-level admin permissions, never revoked after deployment, drained protocol reserves.",
      "type": "incident",
      "sortKey": "infini",
      "date": "2025-02",
      "amount": "~$49.5M"
    },
    {
      "title": "Inverse Finance",
      "summary": "Inverse Finance\u2019s oracle relied on a low-liquidity INV/WETH Uniswap pair via Keep3r. An attacker flash-loaned $150M, swapped into the pair to inflate INV\u2019s price, borrowed against the manipulated collateral value, and repaid the flash loan.",
      "type": "incident",
      "sortKey": "inverse finance",
      "date": "2022-04",
      "amount": "$15.6M"
    },
    {
      "title": "IoTeX ioTube",
      "summary": "Compromised owner private key to the TransferValidatorWithPayload bridge contract allowed attacker to call upgrade() and deploy a malicious implementation that stripped all signature verification, then transferred vault ownership to drain $4.4M in bridged assets and mint 821M unbacked CIOTX.",
      "type": "incident",
      "sortKey": "iotex iotube",
      "date": "2026-02",
      "amount": "~$4.4M"
    },
    {
      "title": "Ivanti Endpoint Manager Mobile (CVE-2026-6973)",
      "summary": "CVE-2026-6973 is an actively exploited improper input validation flaw in on-prem Ivanti Endpoint Manager Mobile that allows remote code execution after an attacker obtains administrator authentication. Ivanti warned that environments which did not fully complete January 2026 EPMM credential-response guidance remain at materially higher risk.",
      "type": "cve",
      "sortKey": "ivanti endpoint manager mobile (cve-2026-6973)",
      "date": "2026-05",
      "amount": "Unknown"
    },
    {
      "title": "KelpDAO rsETH Bridge",
      "summary": "Poisoned RPC inputs plus a 1-of-1 DVN configuration let a forged burn message pass verification and trigger rsETH release on Ethereum.",
      "type": "incident",
      "sortKey": "kelpdao rseth bridge",
      "date": "2026-04",
      "amount": "$292M"
    },
    {
      "title": "KiloEx",
      "summary": "KiloEx, April 2025. ~$7M lost across multiple chains.",
      "type": "incident",
      "sortKey": "kiloex",
      "date": "April 2025",
      "amount": "$7M"
    },
    {
      "title": "Kinto",
      "summary": "$1.55M drained (Jul 2025). Uninitialized ERC-1967 proxies.",
      "type": "incident",
      "sortKey": "kinto",
      "date": "Jul 2025",
      "amount": "$1.55M"
    },
    {
      "title": "KyberSwap Elastic",
      "summary": "A tick boundary precision mismatch caused liquidity accounting disagreement during swaps, enabling attacker-controlled double counting.",
      "type": "incident",
      "sortKey": "kyberswap elastic",
      "date": "2023-11",
      "amount": "$48M"
    },
    {
      "title": "LastPass breach",
      "summary": "Attackers exfiltrated encrypted password vaults containing unencrypted site URLs, enabling targeted attacks against high-value accounts even before any password encryption is broken.",
      "type": "incident",
      "sortKey": "lastpass breach",
      "date": "2022",
      "amount": "$150M"
    },
    {
      "title": "LiFi",
      "summary": "User-supplied calldata enabled arbitrary external calls that spent existing user approvals, draining wallet allowances.",
      "type": "incident",
      "sortKey": "lifi",
      "date": "2022-03",
      "amount": "$202K+"
    },
    {
      "title": "Litecoin MWEB Reorg",
      "summary": "The postmortem showed two linked failures: March's missing MWEB input metadata revalidation during block connection enabled an inflated peg-out, and April's mutated-block handling bug stalled upgraded miners long enough for unpatched miners to grow a 13-block invalid branch.",
      "type": "incident",
      "sortKey": "litecoin mweb reorg",
      "date": "2026-04",
      "amount": "$600K at risk"
    },
    {
      "title": "LiteV3 Bridge",
      "summary": "Proxy init race (Feb 2026). Attacker front-ran init and seized ownership.",
      "type": "incident",
      "sortKey": "litev3 bridge",
      "date": "Feb 2026",
      "amount": "Unknown"
    },
    {
      "title": "Log4Shell (CVE-2021-44228)",
      "summary": "Log4j JNDI lookup expansion processed attacker-controlled strings from logged data, triggering remote class loading and code execution in vulnerable Java services.",
      "type": "cve",
      "sortKey": "log4shell (cve-2021-44228)",
      "date": "Dec 2021",
      "amount": "Unknown"
    },
    {
      "title": "Loopscale",
      "summary": "Loopscale lost about $5.8M in a collateral pricing manipulation incident.",
      "type": "incident",
      "sortKey": "loopscale",
      "date": "",
      "amount": "$5.8M"
    },
    {
      "title": "Lyra DepositWrapper",
      "summary": "Missing target validation plus zero-amount path granted unlimited approvals to attacker-controlled contracts.",
      "type": "incident",
      "sortKey": "lyra depositwrapper",
      "date": "2025-09",
      "amount": "$500K+"
    },
    {
      "title": "Makina DUSD",
      "summary": "Spot-like external pool state was ingested into protocol accounting and manipulated with flash liquidity.",
      "type": "incident",
      "sortKey": "makina dusd",
      "date": "2026-01",
      "amount": "$1M+"
    },
    {
      "title": "Mango Markets",
      "summary": "Mango Markets, October 11 2022. $114M extracted via MNGO spot price manipulation \u2192 inflated perp PnL \u2192 borrowed real assets.",
      "type": "incident",
      "sortKey": "mango markets",
      "date": "Oct 2022",
      "amount": "$114M"
    },
    {
      "title": "Mercor LiteLLM Supply Chain",
      "summary": "Attackers compromised the Trivy security scanner supply chain, stole PyPI credentials, and published poisoned LiteLLM 1.82.7/1.82.8 packages that harvested credentials and exfiltrated data from Mercor after install.",
      "type": "incident",
      "sortKey": "mercor litellm supply chain",
      "date": "2026-04",
      "amount": "Unknown"
    },
    {
      "title": "Mixin Network",
      "summary": "Compromise of centralized custody infrastructure enabled major unauthorized asset outflows.",
      "type": "incident",
      "sortKey": "mixin network",
      "date": "2023-09",
      "amount": "$200M"
    },
    {
      "title": "MonoX Finance",
      "summary": "MonoX used independent _sell and _buy price updates. Swapping MONO as both input and output inflated its virtual price. Attacker then used overvalued MONO to drain other tokens from the pool.",
      "type": "incident",
      "sortKey": "monox finance",
      "date": "2021-11",
      "amount": "$31M"
    },
    {
      "title": "Moonwell cbETH",
      "summary": "Oracle misconfigured; price off by ~2000x (Feb 2026).",
      "type": "incident",
      "sortKey": "moonwell cbeth",
      "date": "Feb 2026",
      "amount": "Unknown"
    },
    {
      "title": "MOVEit CLOP Zero-day (CVE-2023-34362)",
      "summary": "CL0P exploited a SQL injection zero-day in MOVEit Transfer, installed a persistent LEMURLOOT web shell, and simultaneously exfiltrated data from 2,700+ organisations.",
      "type": "cve",
      "sortKey": "moveit clop zero-day (cve-2023-34362)",
      "date": "May 2023",
      "amount": "Unknown"
    },
    {
      "title": "Multichain",
      "summary": "CEO sole server access; Executor keys compromised after CEO disappearance.",
      "type": "incident",
      "sortKey": "multichain",
      "date": "2023-07",
      "amount": "$126M"
    },
    {
      "title": "Munchables",
      "summary": "$62.5M drained (Mar 2024). Rogue developer storage backdoor.",
      "type": "incident",
      "sortKey": "munchables",
      "date": "Mar 2024",
      "amount": "$62.5M"
    },
    {
      "title": "Nirvana Finance",
      "summary": "Nirvana's ANA token bonding curve used the treasury as direct counterparty with no flash loan protection. Attacker borrowed 10.25M USDC via Solend flash loan to buy ANA (inflating the curve price 3x), then sold ANA back at the inflated price, receiving 3.49M USDT from the treasury. Flash loan repaid; treasury fully drained in one transaction.",
      "type": "incident",
      "sortKey": "nirvana finance",
      "date": "2022-07",
      "amount": "~$3.5M"
    },
    {
      "title": "Nomad Bridge",
      "summary": "Buggy upgrade trusted ZERO_HASH; any forged zero-body message passed validation.",
      "type": "incident",
      "sortKey": "nomad bridge",
      "date": "2022-08",
      "amount": "$190M"
    },
    {
      "title": "NotPetya",
      "summary": "Attackers compromised the M.E.Doc software update channel, distributed NotPetya through a trusted update, then spread laterally with credential theft, PsExec, WMI, and SMB exploits including EternalBlue.",
      "type": "incident",
      "sortKey": "notpetya",
      "date": "Jun 2017",
      "amount": "Unknown"
    },
    {
      "title": "Odos Router",
      "summary": "Arbitrary token drains (Jan 2025). Signature validation lacked proper domain separation and safety checks.",
      "type": "incident",
      "sortKey": "odos router",
      "date": "Jan 2025",
      "amount": "Unknown"
    },
    {
      "title": "Okta support system breach",
      "summary": "An attacker accessed Okta's support system via a compromised employee personal Google account and replayed session tokens found in customer-uploaded HAR debug files to hijack active sessions.",
      "type": "incident",
      "sortKey": "okta support system breach",
      "date": "Oct 2023",
      "amount": "Unknown"
    },
    {
      "title": "OptiFi",
      "summary": "While attempting to close a buffer account to recover rent, an OptiFi developer ran `solana program close` with the production program address. Solana irreversibly marks the program non-executable with no confirmation prompt. All PDAs owned by the program, including $661K in USDC and all open derivatives positions, became permanently inaccessible.",
      "type": "incident",
      "sortKey": "optifi",
      "date": "2022-08",
      "amount": "$661K"
    },
    {
      "title": "Orbit Bridge",
      "summary": "Bridge operator trust assumptions failed after key compromise. Attackers triggered unauthorized bridge outflows across connected assets.",
      "type": "incident",
      "sortKey": "orbit bridge",
      "date": "2023-12",
      "amount": "$80M"
    },
    {
      "title": "PAN-OS GlobalProtect (CVE-2024-3400)",
      "summary": "Unauthenticated OS command injection on Palo Alto Networks PAN-OS GlobalProtect, exploited as a zero-day by nation-state actors. A path traversal wrote attacker-controlled content to disk; an unsanitized telemetry shell command then executed it, deploying the UPSTYLE Python backdoor.",
      "type": "cve",
      "sortKey": "pan-os globalprotect (cve-2024-3400)",
      "date": "Apr 2024",
      "amount": "Unknown"
    },
    {
      "title": "PAN-OS User-ID Authentication Portal (CVE-2026-0300)",
      "summary": "A buffer overflow / out-of-bounds write in the PAN-OS User-ID Authentication Portal (Captive Portal) let unauthenticated attackers send crafted packets that achieved root-level code execution on exposed PA-Series and VM-Series firewalls. Palo Alto reported in-production exploitation, CISA added the issue to KEV, and the main mitigations before patching were to restrict portal access to trusted internal IPs or disable the feature entirely.",
      "type": "cve",
      "sortKey": "pan-os user-id authentication portal (cve-2026-0300)",
      "date": "2026-05",
      "amount": "Unknown"
    },
    {
      "title": "Pancake Bunny",
      "summary": "An attacker manipulated PancakeSwap pool prices with flash loans and abused spot-price-dependent reward minting.",
      "type": "incident",
      "sortKey": "pancake bunny",
      "date": "2021-05",
      "amount": "$45M"
    },
    {
      "title": "Parity Multisig Freeze",
      "summary": "A public initializer let an attacker take ownership of the shared library contract and selfdestruct it, freezing multisig wallets.",
      "type": "incident",
      "sortKey": "parity multisig freeze",
      "date": "2017-11",
      "amount": "$150M locked"
    },
    {
      "title": "Platypus Finance",
      "summary": "Protocol accounting and solvency assumptions were exploitable during withdrawal/position transitions. Attackers extracted value by violating intended pool health invariants.",
      "type": "incident",
      "sortKey": "platypus finance",
      "date": "2023-02",
      "amount": "$9M"
    },
    {
      "title": "PlayDapp",
      "summary": "Compromised mint authority enabled large unauthorized token issuance and market impact.",
      "type": "incident",
      "sortKey": "playdapp",
      "date": "2024-02",
      "amount": "$290M"
    },
    {
      "title": "Poloniex",
      "summary": "Compromised exchange wallet control led to unauthorized multi-asset transfers.",
      "type": "incident",
      "sortKey": "poloniex",
      "date": "2023-11",
      "amount": "$114M"
    },
    {
      "title": "Poly Network",
      "summary": "Cross-chain execution used caller-derived contract and method bytes without allowlisting; four-byte selector derivation collided with a privileged keeper update.",
      "type": "incident",
      "sortKey": "poly network",
      "date": "2021-08",
      "amount": "$611M"
    },
    {
      "title": "Polygon Clone Wallet",
      "summary": "TEL drained (Dec 2023). Uninitialized clone allowed attacker to set owner.",
      "type": "incident",
      "sortKey": "polygon clone wallet",
      "date": "Dec 2023",
      "amount": "Unknown"
    },
    {
      "title": "PrintNightmare (CVE-2021-34527)",
      "summary": "Insufficient privilege checks in Windows Print Spooler's AddPrinterDriverEx RPC call allowed any authenticated domain user to install a malicious DLL loaded by Spooler as SYSTEM, enabling LPE and RCE on every Windows machine with the service running.",
      "type": "cve",
      "sortKey": "printnightmare (cve-2021-34527)",
      "date": "Jun 2021",
      "amount": "Unknown"
    },
    {
      "title": "Prisma Finance",
      "summary": "Prisma Finance's MigrateTroveZap helper trusted attacker-controlled flash-loan callback data when reopening troves, allowing exploiters to act on delegated positions with inflated collateral values.",
      "type": "incident",
      "sortKey": "prisma finance",
      "date": "Mar 2024",
      "amount": "$12M"
    },
    {
      "title": "ProxyLogon (CVE-2021-26855)",
      "summary": "ProxyLogon abused Exchange's frontend proxy to send backend-authenticated requests, then chained into arbitrary file write and web-shell deployment. Mass exploitation rapidly followed against unpatched on-prem Exchange servers.",
      "type": "cve",
      "sortKey": "proxylogon (cve-2021-26855)",
      "date": "Mar 2021",
      "amount": "Unknown"
    },
    {
      "title": "Pump",
      "summary": "Loan-driven bonding-curve exploit in May 2024.",
      "type": "incident",
      "sortKey": "pump",
      "date": "May 2024",
      "amount": "Unknown"
    },
    {
      "title": "PumpToken",
      "summary": "Liquidity-removal logic trusted manipulable k-growth assumptions and burned LP pair tokens without fair compensation safeguards.",
      "type": "incident",
      "sortKey": "pumptoken",
      "date": "2025-01",
      "amount": "~$40K"
    },
    {
      "title": "Qubit qBridge",
      "summary": "Bridge accounting mismatch let destination-chain minting occur without source-chain backing.",
      "type": "incident",
      "sortKey": "qubit qbridge",
      "date": "2022-01",
      "amount": "$80M"
    },
    {
      "title": "Radiant Capital",
      "summary": "~$50M stolen (Oct 2024). Malware displayed legitimate tx in Gnosis Safe UI while sending malicious payload to hardware wallet.",
      "type": "incident",
      "sortKey": "radiant capital",
      "date": "Oct 2024",
      "amount": "$50M"
    },
    {
      "title": "Radiant Capital",
      "summary": "$4.5M drained (Jan 2024). Rounding error in token quantity calculations.",
      "type": "incident",
      "sortKey": "radiant capital",
      "date": "Jan 2024",
      "amount": "$4.5M"
    },
    {
      "title": "Rari Capital Fuse / Fei",
      "summary": "Integration-level external calls allowed reentrant state abuse across lending components. Composability increased blast radius beyond a single contract path.",
      "type": "incident",
      "sortKey": "rari capital fuse / fei",
      "date": "2022-04",
      "amount": "$80M"
    },
    {
      "title": "Raydium",
      "summary": "A trojan on a Raydium developer machine compromised the private key of the pool_owner authority for eight V4 AMM pools. The attacker invoked the admin withdrawpnl() instruction, which required only a matching pool_owner signature, and drained all accumulated protocol fees.",
      "type": "incident",
      "sortKey": "raydium",
      "date": "2022-12",
      "amount": "~$4.4M"
    },
    {
      "title": "React2Shell (CVE-2025-55182)",
      "summary": "A critical RCE in React Server Components' module resolution pipeline accepted attacker-controlled component paths without sanitization, enabling arbitrary server-side module loading. CVSS 10.0: no-auth, no-interaction, full server compromise. Exploited within 48 hours of December 2025 disclosure.",
      "type": "cve",
      "sortKey": "react2shell (cve-2025-55182)",
      "date": "Dec 2025",
      "amount": "Unknown"
    },
    {
      "title": "Resolv USR",
      "summary": "Privileged completeSwap minted USR without onchain verification that mint amount matched deposited USDC; compromised SERVICE_ROLE passed arbitrary amounts.",
      "type": "incident",
      "sortKey": "resolv usr",
      "date": "2026-03",
      "amount": "~$25M"
    },
    {
      "title": "RewardsHypervisor",
      "summary": "External callback reentered the deposit flow before critical accounting finalized, allowing repeated crediting and token drain.",
      "type": "incident",
      "sortKey": "rewardshypervisor",
      "date": "2021-12",
      "amount": "$8.2M"
    },
    {
      "title": "Rhea Finance",
      "summary": "Attacker-created fake token contracts and fresh pools on NEAR appear to have fed manipulated pricing or validation signals into Rhea's Margin Trading path, which shared liquidity with Rhea Lending and enabled real-asset extraction.",
      "type": "incident",
      "sortKey": "rhea finance",
      "date": "2026-04",
      "amount": "~$7.6M"
    },
    {
      "title": "Ronin Bridge (Aug 2024 upgrade misconfiguration)",
      "summary": "A bridge upgrade skipped critical initialization, leaving operator-weight state at zero so the vote-threshold check accepted unauthorized withdrawals.",
      "type": "incident",
      "sortKey": "ronin bridge (aug 2024 upgrade misconfiguration)",
      "date": "2024-08",
      "amount": "$12M"
    },
    {
      "title": "Ronin Bridge (Mar 2022 validator compromise)",
      "summary": "Validator key compromise; 5/9 threshold met via phished keys and unrevoked legacy allowlist.",
      "type": "incident",
      "sortKey": "ronin bridge (mar 2022 validator compromise)",
      "date": "2022-03",
      "amount": "$625M"
    },
    {
      "title": "SagaEVM",
      "summary": "An inherited Ethermint IBC precompile accepted IBC transfer calls from any EVM contract without verifying the caller was a legitimate cross-chain relay; attacker deployed a helper contract to forge IBC messages and mint 7M in Saga Dollar stablecoins.",
      "type": "incident",
      "sortKey": "sagaevm",
      "date": "2026-01",
      "amount": "~$7M"
    },
    {
      "title": "SBR",
      "summary": "Transfer-hook side effects desynced Uniswap V2-style reserves from actual balances, letting the attacker force `sync()` on a corrupted state and trade against the wrong price curve.",
      "type": "incident",
      "sortKey": "sbr",
      "date": "2025-03",
      "amount": "~$17K"
    },
    {
      "title": "Shai-Hulud 2.0 npm campaign",
      "summary": "Attackers compromised maintainer accounts, inserted preinstall hooks that launched setup_bun.js and bun_environment.js, harvested secrets, and established CI persistence via self-hosted GitHub runners.",
      "type": "incident",
      "sortKey": "shai-hulud 2.0 npm campaign",
      "date": "Nov 2025",
      "amount": "Unknown"
    },
    {
      "title": "Shellshock (CVE-2014-6271)",
      "summary": "Bash incorrectly processed imported function definitions from environment variables and executed trailing commands, allowing remote command execution through CGI, DHCP, SSH ForceCommand, and other Bash-invoking code paths.",
      "type": "cve",
      "sortKey": "shellshock (cve-2014-6271)",
      "date": "Sep 2014",
      "amount": "Unknown"
    },
    {
      "title": "Sigma.Money",
      "summary": "Proxy backdoored (Mar 2026). CPIMP front-run; attacker initialized and upgraded before victim.",
      "type": "incident",
      "sortKey": "sigma.money",
      "date": "Mar 2026",
      "amount": "Unknown"
    },
    {
      "title": "Slope Wallet",
      "summary": "Slope Wallet's Sentry error monitoring integration transmitted mnemonic or private-key material in plaintext as part of event payloads to a self-hosted Sentry instance (o7e.slope.finance). No PII scrubbing was configured. This confirmed leak likely explains a subset of the correctly signed drains, but public post-mortems did not conclusively tie it to every affected wallet.",
      "type": "incident",
      "sortKey": "slope wallet",
      "date": "2022-08",
      "amount": "~$4.1M"
    },
    {
      "title": "SmartBank",
      "summary": "Raw balance-based accounting was manipulated with flash liquidity, letting the attacker satisfy checks and extract assets.",
      "type": "incident",
      "sortKey": "smartbank",
      "date": "2024-07",
      "amount": "$57K"
    },
    {
      "title": "Snowflake customer breach",
      "summary": "Attackers used infostealer-harvested credentials to access 165+ Snowflake customer accounts that lacked MFA, exfiltrating data from Ticketmaster, AT&T, Santander, and others.",
      "type": "incident",
      "sortKey": "snowflake customer breach",
      "date": "2024",
      "amount": "Unknown"
    },
    {
      "title": "Solana web3.js (CVE-2024-54134)",
      "summary": "A publish-access npm account for Solana web3.js was compromised on Dec 3 2024. Attackers injected a malicious addToQueue function into versions 1.95.6 and 1.95.7 that exfiltrated private keys via Cloudflare headers. The backdoor was live for ~5 hours (3:20-8:25pm UTC); ~$130K lost. Non-custodial wallets were unaffected; only apps handling raw private keys (bots, server keypairs) were at risk.",
      "type": "cve",
      "sortKey": "solana web3.js (cve-2024-54134)",
      "date": "2024-12",
      "amount": "~$130K"
    },
    {
      "title": "SolarWinds Orion (Sunburst)",
      "summary": "Attackers compromised the build/sign pipeline, inserted backdoored Orion binaries, and distributed them as trusted signed updates.",
      "type": "incident",
      "sortKey": "solarwinds orion (sunburst)",
      "date": "",
      "amount": "Unknown"
    },
    {
      "title": "Solend Whale Governance",
      "summary": "A single anonymous wallet deposited 5.7M SOL (95% of Solend's SOL deposit pool) and borrowed $108M. Automated liquidation would cause ~$20M DEX slippage in one block. SLND1 governance passed at 1.13% quorum granting emergency account takeover powers; community condemned it as a self-custody violation. SLND2 revoked SLND1 within 24 hours.",
      "type": "incident",
      "sortKey": "solend whale governance",
      "date": "2022-06",
      "amount": "Unknown"
    },
    {
      "title": "Solv Protocol",
      "summary": "ERC-3525 semi-fungible tokens inherit ERC-721's onERC721Received callback mechanism; Solv's BRO vault called _mint inside the callback and again after it returned, double-minting for every deposit. Attacker looped 22 times to inflate 135 BRO into 567M and swap for ~$2.7M in SolvBTC.",
      "type": "incident",
      "sortKey": "solv protocol",
      "date": "2026-03",
      "amount": "~$2.7M"
    },
    {
      "title": "Sonne Finance",
      "summary": "Attacker ran market activation and exploited an empty-market donation vulnerability.",
      "type": "incident",
      "sortKey": "sonne finance",
      "date": "May 2024",
      "amount": "$20M"
    },
    {
      "title": "Spectre / Meltdown",
      "summary": "Speculative-execution side channels let code infer secrets across user/kernel, process, browser, and cloud isolation boundaries by measuring cache timing effects from transient execution.",
      "type": "incident",
      "sortKey": "spectre / meltdown",
      "date": "Jan 2018",
      "amount": "Unknown"
    },
    {
      "title": "Spring4Shell (CVE-2022-22965)",
      "summary": "Spring MVC's recursive data binding exposed the Java ClassLoader chain, enabling unauthenticated attackers to write a JSP web shell via Tomcat's AccessLogValve pattern property on WAR deployments running Java 9+.",
      "type": "cve",
      "sortKey": "spring4shell (cve-2022-22965)",
      "date": "Mar 2022",
      "amount": "Unknown"
    },
    {
      "title": "StakingRewards",
      "summary": "8.79K UNI-V2 LP drained (Mar 2022). Withdraw underflow; zero balance could withdraw full supply.",
      "type": "incident",
      "sortKey": "stakingrewards",
      "date": "Mar 2022",
      "amount": "Unknown"
    },
    {
      "title": "Step Finance Treasury",
      "summary": "Compromised privileged wallets enabled stake authority transfer and treasury outflows.",
      "type": "incident",
      "sortKey": "step finance treasury",
      "date": "2026-01",
      "amount": "$1M+"
    },
    {
      "title": "Stuxnet",
      "summary": "Stuxnet used multiple Windows zero-days, removable-media propagation, and signed-driver abuse to reach Siemens industrial controllers and alter PLC logic while replaying normal telemetry to operators.",
      "type": "incident",
      "sortKey": "stuxnet",
      "date": "Jun 2010",
      "amount": "Unknown"
    },
    {
      "title": "SwapNet",
      "summary": "DEX aggregator router accepted user-controlled call targets and calldata without whitelist validation; attacker replaced expected DEX address with USDC token contract and used victim approvals to call transferFrom and drain assets.",
      "type": "incident",
      "sortKey": "swapnet",
      "date": "2026-01",
      "amount": "~$13.4M"
    },
    {
      "title": "TanStack npm Supply Chain",
      "summary": "Attackers poisoned GitHub Actions cache state through a `pull_request_target` workflow, restored that cache in trusted release jobs, extracted the in-memory OIDC token from the runner process, and published 84 malicious versions across 42 `@tanstack/*` packages with valid SLSA provenance. The install-time payload executed `router_init.js`, harvested cloud and developer credentials, exfiltrated them via the Session network, and self-propagated to additional npm packages maintained by victims.",
      "type": "incident",
      "sortKey": "tanstack npm supply chain",
      "date": "2026-05",
      "amount": "Unknown"
    },
    {
      "title": "TCH Token",
      "summary": "Non-canonical signatures and replay keys based on raw signature bytes enabled repeated privileged action abuse.",
      "type": "incident",
      "sortKey": "tch token",
      "date": "2024-05",
      "amount": "$500K+"
    },
    {
      "title": "TecraCoin",
      "summary": "580K TCR + 639K USDT drained (Feb 2022). Inverted allowance check in burnFrom.",
      "type": "incident",
      "sortKey": "tecracoin",
      "date": "Feb 2022",
      "amount": "Unknown"
    },
    {
      "title": "Terra/UST",
      "summary": "Terra/UST \u2014 $40B+ destroyed (May 2022). LUNA supply grew from ~346M to 6.5 trillion tokens in 72 hours.",
      "type": "incident",
      "sortKey": "terra/ust",
      "date": "May 2022",
      "amount": "$40B"
    },
    {
      "title": "The DAO",
      "summary": "A call-before-effects withdraw pattern allowed recursive draining and became the canonical reentrancy incident.",
      "type": "incident",
      "sortKey": "the dao",
      "date": "2016-06",
      "amount": "$60M"
    },
    {
      "title": "TMX Tribe",
      "summary": "GMX-fork perpetuals protocol on Arbitrum had flawed LP staking/swap logic: attacker looped mint-LP \u2192 swap USDT for USDG \u2192 unstake LP \u2192 sell USDG with no balance checks or circuit breakers, draining $1.4M across 502 transactions over 36 hours via unverified contracts.",
      "type": "incident",
      "sortKey": "tmx tribe",
      "date": "2026-01",
      "amount": "~$1.4M"
    },
    {
      "title": "TO Protocol",
      "summary": "AMM reserve accounting was desynchronized by sell-burn-sync sequencing, enabling reserve distortion and profitable extraction.",
      "type": "incident",
      "sortKey": "to protocol",
      "date": "2026-02",
      "amount": "~$17.5K"
    },
    {
      "title": "Transit Swap",
      "summary": "The router accepted arbitrary target addresses and calldata without validation. Users had approved the router for large amounts. The attacker passed a malicious target contract that called transferFrom against those approvals.",
      "type": "incident",
      "sortKey": "transit swap",
      "date": "2022-10",
      "amount": "$29M"
    },
    {
      "title": "Truebit",
      "summary": "8,540 ETH drained (Jan 2026). Integer overflow in token logic.",
      "type": "incident",
      "sortKey": "truebit",
      "date": "Jan 2026",
      "amount": "Unknown"
    },
    {
      "title": "TrustedVolumes RFQ Proxy Drain",
      "summary": "Attackers abused TrustedVolumes' controlled custom RFQ swap proxy to self-register an allowed signer and then exploited a maker/funding-source mismatch in settlement, draining resolver-approved assets on Ethereum. The incident was separate from the 2025 1inch Fusion V1 bug; 1inch's own contracts, infrastructure, and user funds were not affected.",
      "type": "incident",
      "sortKey": "trustedvolumes rfq proxy drain",
      "date": "2026-05",
      "amount": "$6.7M drained"
    },
    {
      "title": "TSURUWrapper",
      "summary": "An inverted ERC1155 callback guard accepted unauthorized flows and minted unbacked wrapper assets redeemable for real value.",
      "type": "incident",
      "sortKey": "tsuruwrapper",
      "date": "2024-05",
      "amount": "$410K"
    },
    {
      "title": "Uber MFA fatigue, Lapsus$",
      "summary": "Lapsus$ obtained contractor credentials, bombarded the contractor with MFA push requests for over an hour, then impersonated Uber IT on WhatsApp to socially engineer approval, gaining full internal access.",
      "type": "incident",
      "sortKey": "uber mfa fatigue, lapsus$",
      "date": "Sep 2022",
      "amount": "Unknown"
    },
    {
      "title": "Uniswap V3 callback victim",
      "summary": "The Uniswap V3 callback trusted attacker-controlled calldata without authenticating pool/caller context, enabling unauthorized token transfer.",
      "type": "incident",
      "sortKey": "uniswap v3 callback victim",
      "date": "2024-07",
      "amount": "~$85K"
    },
    {
      "title": "VeilCash",
      "summary": "2.9 ETH drained (Feb 2026). Incomplete Groth16 Phase 2 trusted setup.",
      "type": "incident",
      "sortKey": "veilcash",
      "date": "Feb 2026",
      "amount": "Unknown"
    },
    {
      "title": "Venus vTHE",
      "summary": "Raw balance-based cash accounting enabled supply-cap bypass and amplified borrowing manipulation.",
      "type": "incident",
      "sortKey": "venus vthe",
      "date": "2026-03",
      "amount": "$5M"
    },
    {
      "title": "WannaCry",
      "summary": "WannaCry used EternalBlue against SMBv1 systems missing MS17-010, then propagated laterally as a worm and deployed ransomware on each newly compromised Windows host.",
      "type": "incident",
      "sortKey": "wannacry",
      "date": "May 2017",
      "amount": "Unknown"
    },
    {
      "title": "Wasabi Protocol",
      "summary": "A public Spring Boot Actuator heap dump on Wasabi's AWS analytics surface leaked credentials that ultimately led attackers to the private keys controlling affected EVM contracts, enabling unauthorized withdrawals.",
      "type": "incident",
      "sortKey": "wasabi protocol",
      "date": "2026-04",
      "amount": "~$5.7M lost"
    },
    {
      "title": "WazirX",
      "summary": "Compromise in signing/custody workflow enabled large unauthorized outflows.",
      "type": "incident",
      "sortKey": "wazirx",
      "date": "2024-07",
      "amount": "$235M"
    },
    {
      "title": "Wintermute Profanity Address Exploit",
      "summary": "A weak vanity address generation method reduced effective key entropy. Attackers reconstructed private keys for production wallets and drained funds.",
      "type": "incident",
      "sortKey": "wintermute profanity address exploit",
      "date": "2022-09",
      "amount": "$160M"
    },
    {
      "title": "wolfSSL (CVE-2026-5194)",
      "summary": "Missing digest-size validation and signature OID/key OID agreement checks in wolfSSL certificate verification could allow forged signatures to be accepted across ECDSA, DSA, ML-DSA, Ed25519, and Ed448 paths.",
      "type": "cve",
      "sortKey": "wolfssl (cve-2026-5194)",
      "date": "2026-04",
      "amount": "Unknown"
    },
    {
      "title": "Wormhole Bridge",
      "summary": "Wormhole Bridge, February 2022. $320M lost.",
      "type": "incident",
      "sortKey": "wormhole bridge",
      "date": "February 2022",
      "amount": "$320M"
    },
    {
      "title": "XZ Utils Backdoor (CVE-2024-3094)",
      "summary": "A multi-year social engineering campaign inserted a build-system backdoor into XZ Utils that injected malicious SSH code into compiled binaries without any modification to reviewed C source files.",
      "type": "cve",
      "sortKey": "xz utils backdoor (cve-2024-3094)",
      "date": "Mar 2024",
      "amount": "Unknown"
    },
    {
      "title": "Yearn yETH",
      "summary": "Unsafe arithmetic in the invariant solver let rounding collapse the product term and later underflow during a reachable bootstrap path, enabling massive over-minting and a drain of the yETH weighted stable pool plus the yETH/WETH Curve pool.",
      "type": "incident",
      "sortKey": "yearn yeth",
      "date": "2025-11",
      "amount": "$9M"
    },
    {
      "title": "YieldBlox",
      "summary": "A thin SDEX orderbook was manipulated and ingested by the Reflector oracle, inflating collateral valuation and enabling over-borrowing.",
      "type": "incident",
      "sortKey": "yieldblox",
      "date": "2025-02",
      "amount": "$10.86M"
    },
    {
      "title": "ZeroLogon (CVE-2020-1472)",
      "summary": "A cryptographic flaw in Windows Netlogon's AES-CFB8 implementation allowed an unauthenticated attacker with network access to a domain controller to set the DC's machine account password to empty, enabling DCSync and full Active Directory compromise in seconds.",
      "type": "cve",
      "sortKey": "zerologon (cve-2020-1472)",
      "date": "Aug 2020",
      "amount": "Unknown"
    },
    {
      "title": "zkLend",
      "summary": "Attacker exploited empty wstETH market on StarkNet, inflated lending_accumulator via flash-loan donations, then leveraged integer division precision loss during share burns to drain 46+ pools.",
      "type": "incident",
      "sortKey": "zklend",
      "date": "2025-02",
      "amount": "~$9.5M"
    },
    {
      "title": "Zoth Protocol",
      "summary": "Restaking protocol Zoth lost $8.4M when attackers manipulated RWA-linked yield accounting transaction flows, extracting funds before developers detected anomalies.",
      "type": "incident",
      "sortKey": "zoth protocol",
      "date": "2025-03",
      "amount": "~$8.4M"
    }
  ]
}
