Security researchers at ExVul discovered that attackers stole around $200,000 from DeFi (decentralized finance) platforms on Ethereum. The attackers targeted Uniswap V3 liquidity pools by taking advantage of vulnerabilities in the WUSD.fi and GLOVE reward systems.
The attackers moved money between several digital wallets to repeatedly earn rewards by exploiting weaknesses in how the system was designed to encourage participation.
A Wave Of Attacks Hitting The Ecosystem
Recent days have seen a number of problems in the decentralized finance (DeFi) world. One issue involved fake Google ads pretending to be from Uniswap. These ads led users to deceptive websites created to steal their login information, and reports indicate at least $400,000 was stolen before the scam was discovered.
Following two separate incidents, Manuel Aráoz, who founded the leading smart contract security firm OpenZeppelin, publicly issued a strong warning.
Aráoz now believes all decentralized finance (DeFi) platforms are risky, a view that gained traction among developers after he shared it online.
The core issue with blockchain security is this: those protecting the system have to identify and fix *all* weaknesses, but an attacker only needs to find just *one* to cause significant damage.
PSA: I now consider *all* of DeFi unsafe.
AI-powered coding tools are incredibly effective at discovering weaknesses in code, but securing smart contracts presents a major challenge. Security teams must address every potential flaw, while attackers only need to find a single vulnerability to cause significant financial loss.
— Manuel Aráoz (@maraoz) May 26, 2026
AI Tools Shifting The Balance
Aráoz explained that AI coding tools are making it more difficult to maintain security. He says these tools let hackers quickly find flaws in contracts – much faster than most security teams can manage.
He also reportedly urged his friends and family to withdraw their money from leading DeFi platforms like Aave, MakerDAO, and Compound. These three platforms hold a large portion of the total value invested in decentralized finance.
Cybersecurity experts are worried that AI is making attacks happen much faster. It’s allowing attackers to quickly find weaknesses in systems, create convincing phishing scams, and test out hacking methods on real-world networks.
Complexity Making Defense Harder
The situation is made worse by the way many new DeFi platforms are designed. They often combine several different parts – like bridges, lending services, staking tools, and automatic reward systems – and each new addition creates more potential weaknesses that need protection.
OpenZeppelin had previously warned about the risks of combining certain smart contract standards. They discovered a vulnerability stemming from the way ERC-2771 and Multicall – both popular contract types – interacted, which unexpectedly created security issues when used together.
As a researcher, I’ve observed that leading DeFi protocols are heavily investing in security measures like audits, bug bounty programs, and formal verification. However, my findings suggest these efforts haven’t completely eliminated risks – we’re still seeing successful phishing attacks and schemes that exploit incentive structures.
Now, people are worried about whether smaller DeFi projects – the ones that can’t afford constant security checks – will be able to defend themselves against increasingly sophisticated and rapid attacks.
Read More
- Gold Rate Forecast
- USD TRY PREDICTION
- Silver Rate Forecast
- USD MXN PREDICTION
- Brent Oil Forecast
- PI PREDICTION. PI cryptocurrency
- RUNE Crashes Hard but Folks Keep Throwing Cash at THORChain—Why tho? 🤔
- Why These 5 Meme Coins Could Crash or Cash Your Crypto Party in May 2025 🚀🐒
- XRP PREDICTION. XRP cryptocurrency
- Ethereum Bounces Back After $4M Sell-Off: Can it Survive Another Rollercoaster?
2026-05-28 13:12