Threat-intel ETL workspace
Normalized datasets for local telemetry, all visible 2026 Rekt incidents, and Solodit findings discovered via sitemap ingestion.
Rekt 2026 incidents
Solodit findings discovered
Recorded ETL jobs
Refresh pipeline
Run the ETL route to persist the current external sources into JSONL datasets and Blob artifacts, then use those findings to define the next red-team prompt.
Latest Rekt incidents
Recent 2026 exploit narratives normalized from Rekt News cards and article metadata.
Admin key compromised, UUPS upgrades pushed to over a dozen vaults across four chains - Wasabi Protocol lost $5.9 million before most users saw a single alert. No multisig. No timelock. April 2026 was DeFi's worst month on record. Are we April Fools?
$3.5 million drained from Volo on Sui after an admin private key was compromised, likely via social engineering. Three vaults hit - WBTC, XAUm, USDC. Volo self-disclosed first, and recovered nearly all of it, with a net loss of just $60K.
DPRK breached LayerZero's infrastructure, forged a bridge message, and walked $290 million out of KelpDAO in one transaction. Aave is holding hundreds of millions in bad debt. The dominoes are still falling. DeFi United is scrambling to catch them.
NEAR Protocol's Rhea Finance lost $18.4 million after an attacker exploited a margin parser that counted fake swap route minimums as real collateral. $9 million frozen or recovered. $4 million in ZEC routed into Zcash's shielded pool, cryptographically unrecoverable.
On April 13, 2026, a missing bounds check in Hyperbridge's MMR proof verifier allowed forged proofs to pass. 1 billion DOT minted. Two attacks, combined with opportunistic withdrawals from drained pools, leading to $2.5 million in losses according to Hyperbridge.
DPRK hackers spent 6 months sending proxies to befriend Drift Protocol. Conferences, trust, $1 million deposited. $285 million later, those friends vanished. No code broken. No bug found. Just a six-month con, a fake token, and a culture that never saw it coming.
On March 22, Resolv Labs lost $25 million when a compromised private key handed an attacker unlimited USR minting power. No oracle check. No mint cap. 80 million tokens printed. Hardcoded oracles and automated liquidity kept feeding broken markets long after the damage was done.
An attacker spent 9 months building a position, bypassed Venus Protocol's supply cap via a known donation exploit, and extracted $3.7 million, leaving $2.15 million in bad debt on a protocol that has now been rekt four times in five years.
Solodit coverage snapshot
Issue pages are discovered from sitemap URLs and normalized into structured finding records.