usp

The Chief Information Security Officer of Slow Fog Technology, 23pds, retweeted that the internal system of the cloud hosting platform Vercel was accessed without authorization, which is suspected to be related to an internal data leak.Related tweets indicate that someone on BreachForums claimed to be ShinyHunters, selling what they called the Vercel internal database, access keys, source code, employee accounts, API keys, NPM tokens, and GitHub tokens for $2 million. The related data is suspected to involve Vercel's internal Linear system and internal user management system. Previously, it was reported that the cloud hosting platform Vercel disclosed unauthorized access to its internal system, affecting a small number of customers.

Curve Finance announced on platform X that due to the LayerZero infrastructure being attacked in the rsETH hacking incident, it has decided to suspend Curve's LayerZero infrastructure as a precautionary measure until further understanding of the root cause of the incident. This action will affect:CRV bridging from the following chains: BNB, Sonic, Avalanche, Fantom, Etherlink, Kava (other chains will still use native bridging);The fast bridging of crvUSD (slow bridging on L2 will still be available for normal use).

Lido posted on platform X that the team is aware of the developments regarding the Kelp DAO security incident. Due to the current exposure of the earnETH product to rsETH, they have proactively suspended new deposits to earnETH and are working with relevant partners to assess the situation. More information will be disclosed based on future developments. Lido added that stETH and wstETH have not been affected by the rsETH incident, and this security issue does not involve the Lido staking protocol itself.

etherFi posted on platform X that its Liquid treasury is temporarily not directly exposed to the Kelp rsETH event risk, but as a precautionary measure, it has suspended the LayerZero cross-chain bridging functionality for weETH and eETH until the root cause of the Kelp rs ETH event is clarified. Meanwhile, for Liquid (ETH, BTC, USD), sETHFI, and eBTC products, the relevant Teller contracts have been suspended to block the LayerZero OFT bridging path, and the deposit and withdrawal functions for the related assets have also been suspended. They are currently working closely with security partners and will provide timely updates once more details are confirmed.

Morpho stated: "Shortly after the KelpDAO and LayerZero incidents, Morpho has, as a precaution, suspended the OFT cross-chain bridge for MORPHO tokens on Arbitrum. The cross-chain functionality on Arbitrum will remain suspended until the root cause of the rsETH incident is identified."

The Solana ecosystem liquidity protocol Kamino stated on platform X that its platform and users have not been affected by the current Ethereum rsETH incident. However, out of caution, it has suspended all core market interactions related to LayerZero tokens (USDS, LBTC, FBTC). The related reserve assets have entered a "reduce-only mode," allowing users to withdraw and repay debts, but deposit and lending functions have been temporarily closed.Kamino added that it is in communication with the LayerZero team and will notify users as soon as the related reserves return to normal operations. These measures are all part of proactive risk control, and the platform and user funds have not been affected.

Euler Labs announced on the X platform that as a precaution, the LayerZero OFT cross-chain bridge for EUL is temporarily suspended during the investigation into the cause of the rsETH incident, and emphasized that EUL has no exposure to this rsETH incident. An update will be released after the cross-chain functionality is restored.

The DeFi protocol Ether.fi stated on platform X that due to the root cause of the Kelp rsETH incident still being under investigation, it has proactively suspended the LayerZero cross-chain for weETH and eETH.At the same time, the Teller contracts for Liquid (ETH, BTC, USD), sETHFI, and eBTC have also been suspended to halt LayerZero OFT cross-chain, and the deposit and withdrawal functions for related products have been simultaneously suspended.Ether.fi stated that its Liquid Vaults are not directly exposed to Kelp rsETH and is closely coordinating with security partners, with more information to be announced later.

On-chain data shows that the Kelp DAO's rsETH bridging protocol based on LayerZero has allegedly been exploited by hackers, resulting in a loss of 116,500 rsETH, worth approximately $292 million.Kelp DAO officials stated that they have detected suspicious cross-chain activities involving rsETH, and have now suspended the rsETH contracts on the mainnet and multiple Layer2s. They are working with security experts and will provide updates on the situation.

According to on-chain analyst @ai_9684xtpa, a certain suspected RAVE whale address collection currently holds 750 million tokens, with a total value exceeding 10.3 billion dollars, and the concentration of chips has reached 75%.

On-chain detective ZachXBT posted on platform X that the pump and dump behavior of the RAVE token ($RAVE) is suspected to originate from three CEXs: Bitget, Binance, and Gate. He called for the relevant CEXs to strengthen internal investigations and accountability, and to expel the responsible parties. ZachXBT stated that the manipulation may be led by internal personnel, controlling over 90% of RAVE liquidity, thereby continuously harvesting retail investors.In addition, ZachXBT announced that he would personally provide a reward of up to $10,000 to encourage informants to anonymously submit relevant evidence to expose the specific entities involved in the incident.

According to Onchain Lens monitoring, the wallet associated with Tim Draper deposited 150.84 BTC (worth $11.62 million) into a CEX (possibly Coinbase) after holding it for a year, incurring a loss of $2.57 million.Billionaire Tim Draper is a well-known venture capitalist who invested early in unicorn companies such as Tesla, Skype, Coinbase, Ledger, and Tezos.

According to on-chain analyst Onchain Lens (@OnchainLens), a wallet suspected to be associated with Arthur Hayes recently deposited 3,000 ETH into Binance, worth approximately 7.26 million dollars.

According to the official announcement from Binance, starting from April 23, 2026, 08:00 (UTC), Binance will suspend deposits and withdrawals of Highstreet (HIGH) and Resolv (RESOLV) on BSC.

According to on-chain data analysis, SIREN dropped from about $2 to $0.13 at the beginning of the month. Since April 5, a batch of addresses has been continuously withdrawing tokens from the Binance Alpha wallet, accumulating approximately 30.07 million SIREN, worth about $25.09 million. During this period, the price of SIREN rebounded from $0.13 to about $0.83.Previous on-chain statistics showed that the holding ratio of related addresses was already high.

According to Bloomberg, the top derivatives regulator in the United States is investigating a series of "exceptionally timed" crude oil futures trades that occurred before Trump's recent adjustments to Iran war policy. According to informed sources, the investigation has been initiated.The U.S. CFTC is leading the investigation into crude oil futures contract trades conducted on the CME Group and Intercontinental Exchange platforms. Informed sources stated that they requested anonymity due to the information not being public.Currently, both trading platforms have been asked to submit relevant trading data to the regulators to cooperate with the investigation.

According to on-chain analyst Yu Jin's monitoring, the suspected Binance Life controller has once again extracted 30 million $ Binance Life from Binance through 3 wallets to the on-chain in the past half hour, worth approximately 11.4 million USD.In the past 3 days, influenced by the continuous large accumulation from this address set, the price of $ Binance Life has increased by a total of 112% ($ 0.17 → $ 0.36). Currently, the suspected controlling address set holds a total of 227 million $ Binance Life on-chain, accounting for 22.7% of the total supply, worth approximately 81.55 million USD.

According to crypto analyst Yu Jin @EmberCN, suspected ARIA-related addresses concentrated on selling 45.64 million ARIA early this morning, exchanging for about 5.42 million USDT, with an average transaction price of about $0.12.As a result, the price of ARIA dropped from about $1.01 to $0.09, a decline of over 90%, with the circulating market value falling from about $315 million to about $38.5 million. The aforementioned tokens were previously transferred from Gate to the blockchain through 8 wallets three weeks ago.

According to Theblock citing The Information, Polymarket has launched an audit targeting application startups that promise to help users track suspected insider trading activities.The report states that these copy trading applications provide customers with a list of traders on the Polymarket platform who have a good track record of profitability, or highlight some unusually large or oddly timed bets that may be based on confidential information. Customers can use bots to replicate these trades or receive notifications of seemingly good trades. These applications charge service fees.It is reported that Polymarket and its main competitor Kalshi have both been scrutinized for insider trading issues. Last month, Polymarket introduced clearer rules regarding insider trading and its enforcement.

According to on-chain analyst Yu Jin's monitoring, a suspected Binance Life controller withdrew 50.5 million Binance Life from Binance through 6 wallets 10 minutes ago, worth approximately 16.08 million dollars on-chain.Currently, the controlled address set has accumulated 197 million Binance Life on-chain, accounting for about 19.7% of the total supply, with a total value of 62.58 million dollars.