Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Unleash Protocol hit by network compromise

Incident
First reported
Last updated
Happening score
H score 27
1 unique sources, 1 articles

Summary

Hide ▲

Unleash Protocol suffered a $3.9 million crypto theft after an attacker used unauthorized multisig control to approve a contract upgrade and enable withdrawals. The compromise affected the project's on-chain governance and allowed assets to be moved out without team approval. The stolen funds included WIP, USDC, WETH, stIP, and vIP. The project has paused operations and is investigating recovery options.

Related Happenings

KelpDAO hit by cyberattack

Incident
First: 21.04.2026 01:23 Last: 21.04.2026 01:23 Sources 1

About this happening: KelpDAO suffered a cross-chain theft involving rsETH, prompting it to pause rsETH contracts after detecting suspicious activity on April 18, 2026. Reports estimate that about 116,...

Latest development: 21.04.2026 11:30

North Korea’s Lazarus Group targeted LayerZero Labs on April 18, 2026 by poisoning downstream RPC infrastructure, compromising two independent RPC nodes, swapping binaries on op-geth nodes, and forcing a DDoS-driven failover that let a forged cross-chain message pass and enable an unauthorized rsETH transfer.

Open Happening

Drift Protocol hit by cyberattack

Incident
First: 02.04.2026 22:03 Last: 02.04.2026 22:03 Sources 1

About this happening: **Drift Protocol** disclosed a **security-council takeover** that drained **at least $280 million** and left its protocol functions essentially frozen. The attacker used **durable...

Latest development: 06.04.2026 19:35

Elliptic and TRM Labs attributed the $280+ million theft from Drift Protocol to North Korean hackers, and Drift said its findings point with medium-high confidence to UNC4736 (AppleJeus/Labyrinth Chollima). The investigation also said the attackers spent at least six months building a functioning operational presence inside the Drift ecosystem, posing as a quantitative firm, meeting Drift contributors at crypto conferences in multiple countries, and continuing discussions over Telegram.

Open Happening

Uranium Finance smart contract flaws actively exploited security flaw

Vulnerability
First: 31.03.2026 18:30 Last: 31.03.2026 18:30 Sources 1

About this happening: In **April 2021**, **Uranium Finance** smart contract flaws were **actively exploited** to drain funds from liquidity pools, including a **rewards calculation** weakness and a **t...

Open Happening

Uranium Finance hit by network compromise

Incident
First: 31.03.2026 12:15 Last: 31.03.2026 12:15 Sources 1

About this happening: **Uranium Finance** suffered a **two-stage smart-contract hack** in **April 2021** that drained about **$53.3 million** and forced the exchange to shut down. The attacks exploited...

Open Happening

Timeline

  1. 31.12.2025 17:54 2 articles · 4mo ago

    Unleash Protocol discloses multisig compromise and $3.9M theft

    Initial Disclosure

    Unleash Protocol disclosed that an externally owned address gained administrative control of its multisig governance, carried out an unauthorized contract upgrade, and enabled withdrawals that drained about $3.9 million in WIP, USDC, WETH, stIP, and vIP. The stolen assets were bridged through third-party infrastructure, transferred to external addresses, and deposited into Tornado Cash in the form of 1,337 ETH, while Unleash Protocol paused all operations and launched an investigation with external security experts.

    Show sources
    Open in new tab