The past few weeks have shown that we still have a long way to go in terms of security. How can we expect retail users to join if even our largest protocols keep getting hacked so easily? $135M+ have been lost to exploits in October. @Balancer: Major hack in early November with a total loss of $116.6M. The attacker exploited a flaw in the manageUserBalance function, where a poorly implemented access control (verifying msg.sender using a user-provided op.sender value) allowed them to impersonate some account owners. @MoonwellDeFi: Exploit of $1M due to a critical vulnerability in the rsETH/ETH price oracle. The oracle massively overvalued the wrapped restaked ETH asset (~$5.8M per token instead of ~$3.5K), allowing the attacker to perform repeated flash loans and drain funds. @MIM_Spell: The hack stemmed from a flaw in the cook function, which executes multiple actions within a single transaction. The attacker repeatedly used two operations, a borrow action (action 5) that passed solvency checks, followed by an empty update (action 0) that reset control flags bypassing final validations. Around 1.79M $MIM across six addresses were stolen. @TypusFinance: Lost approximately $3.44M due to a flaw in its custom oracle. A missing assertion allowed the attacker to manipulate token values and perform swaps at incorrect prices. @gardenfi: Experienced a major exploit leading to a $10.8M loss. The attack targeted a vulnerability within one of the protocol’s solvers. @Paxos: Not a hack, but a critical incident. Paxos mistakenly minted $300T PYUSD (their regulated stablecoin) because of an internal transfer error, an amount 2.5x the global GDP. This highlighted the risks of centralized control in stablecoins. @DIMO_Network: Involved suspicious activity from an admin wallet. An admin upgraded the proxy contract, withdrew 30M $DIMO tokens, and sold them for roughly $40,000. @BNBCHAIN: A phishing attack compromised several accounts, leading to about $13,000 in stolen funds. All victims were later fully reimbursed in USDT. At this point, it’s understandable why many retail users prefer putting their money into traditional finance. Yes, it’s centralized, but there are far fewer hacks, and when incidents do happen, insurance or recovery mechanisms often step in. Still, I haven’t lost faith in crypto. I know it’s the future. But what all of this shows right now is that there’s still a long road ahead before the average person can feel truly safe entrusting their savings to DeFi.