Bleeping Computer

Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day

The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space.
CoinDesk

LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus

LayerZero has placed responsibility for the $290 million Kelp DAO exploit on Kelp's own security configuration, saying the liquid restaking protocol ran a single-verifier setup that LayerZero had ...