Renegade.fi has recovered about $190,000 after a whitehat hacker exploited a vulnerability in one of its Arbitrum-based dark pools and later returned more than 90% of the stolen assets. Blockchain security firm Blockaid said the exploit drained roughly $209,000 from…
The post Ink Finance and Renegade report exploits as hackers continue to raid DeFi appeared on BitcoinEthereumNews.com.
Two DeFi protocols, Ink Finance and Renegade, have lost a combined $349,000 in separate exploits that occurred in less than two days. Renegade, which raised around $3.4 million in a 2023 seed round led by Dragongly Capital, currently holds over $129,500 in total value locked across its Base and Arbitrum deployments, according to DefiLlama. The protocol held over $338,000 before the hack. Renegade’s TVL dropped sharply after the May exploit. Source: DeFiLlama. Ink Finance has not acknowledged or released any public statements on the exploit. The latest exploits are being seen as an extension of the streak of attacks that made April 2026 the worst month on record for smart contract losses. Ink Finance and Renegade suffer exploits Ink Finance’s exploit was flagged by blockchain security firm Blockaid on May 11. According to Blockaid, the attacker drained approximately $1
This incident highlights the critical need for robust security audits in DeFi, as even minor oversights can lead to significant financial risks.
The post Renegade recovers $190K after hacker returns 90% of stolen funds appeared first on Crypto Briefing.
Blockchain security firm Blockaid linked the exploit to the same operator behind the March 2025 1inch Fusion V1 incident, though it stems from a different vulnerability.
The Arbitrum-based RWA perps protocol now routes net directional flow to Jump and prime brokers offchain, retiring the single-pool model that absorbed all trader risk.
Admins who use Cisco Webex Services configured to use trust anchors within the SSO integration with Control Hub must install a new identity provider certificate to close a critical vulnerability, or risk losing access control.
Cisco said in an advisory this week that admins must upload a new identity provider (IdP) SAML certificate to Webex Control Hub, the web-based management portal where IT administrators can control all Cisco Webex services, including certificate management, meetings, messaging and calling. Failure to close this hole will allow an unauthenticated, remote attacker to impersonate any user within the service.
The vulnerability, CVE-2026-20184, carries a CVSS score of 9.8.
Because Webex is a cloud service, Cisco can, and has, patched its side of the application. But admins using single-sign on (SSO) still need to install the new certificate. There are no workarounds.
A Webex support article on managing SSO integration says that information about certificates is found i
