Attackers drained an estimated $200,000 from DeFi liquidity pools on Ethereum, specifically Uniswap V3, after exploiting vulnerabilities in the WUSD.fi and GLOVE incentive system, according to security researchers at ExVul.
Attackers moved funds through multiple wallets to obtain rewards repeatedly, taking advantage of flaws in the protocol’s incentive structure.
A wave of attacks hits the ecosystem
This was one of several shocking incidents in the decentralized finance space in recent days. Fraudulent Google ads impersonating Uniswap also appeared earlier this week, directing unsuspecting users to phishing sites designed to steal wallet credentials, a scam that reports say drained at least $400,000 before it was reported.
These successive events set the stage for an explicit public warning from Manuel Araoz, founder of OpenZeppelin, one of the most widely used smart contract security companies in the industry.
Araoz said he now considers all of decentralized finance insecure, a statement that quickly spread through developer circles after he posted it online.
His reasoning addresses a fundamental problem in how blockchain security works. Defenders have to find and patch every vulnerability, while an attacker needs only one to drain an entire protocol.
PSA: I now consider *all* DeFi unsafe.
Programming agents are great at finding vulnerabilities, and smart contract security is highly asymmetric: defenders need to fix every bug while attackers need only one exploit to steal funds.
– Manuel Araoz (@maraoz) May 26, 2026
AI tools change the balance
Araoz pointed to AI-powered programming tools as the reason this balance is so difficult to manage. These tools are reported to allow attackers to scan contracts for vulnerabilities at a speed and scale that most security teams cannot match.
He went further in private communications, reportedly advising friends and family to withdraw their funds from major DeFi platforms altogether, including Aave, MakerDAO, and Compound. These three platforms represent a large share of the total value locked through DeFi.
Cybersecurity analysts have raised similar concerns, warning that AI is accelerating how quickly attackers can identify vulnerabilities, build phishing infrastructure, and run simulated exploit strategies against live protocols.
ETHUSD trading at $2,067 on the 24-hour chart: TradingView
Complexity makes defense more difficult
The problem is exacerbated by how modern DeFi protocols are built. Many of them now stack multiple components on top of each other – bridges, lending systems, mortgage mechanisms, automated reward contracts – and each additional layer expands the surface area that must be defended.
OpenZeppelin itself has previously pointed out how dangerous these combinations are, identifying a vulnerability that emerged from the interaction between the ERC-2771 and Multicall standards, two widely used contract types that resulted in unintended exposure when used together.
Major protocols have responded by pouring resources into audits, bug bounty programs, and formal verification. Reports indicate that even these efforts have not completely closed the door to phishing attacks and incentive manipulation schemes.
The concern now is whether smaller DeFi projects — those that don’t have the budget for constant security reviews — can withstand attackers who move faster than before.





