Ethereum Name Service is a organization tracked across 4 threat clusters and 6 intelligence report mentions on ThreatCluster. First observed November 24, 2025; most recent activity April 20, 2026.
The Ethereum Name Service (ENS) is a decentralized domain name system on Ethereum that maps human-readable names to addresses, content hashes, and other resources. It relies on open-source tooling, libraries, and smart contracts, making it relevant to cybersecurity due to potential supply-chain risks, domain hijacking, and phishing threats targeting ENS users and integrations.
On April 18, 2026, Kelp DAO's LayerZero-powered cross-chain bridge was exploited, resulting in the theft of 116,500 rsETH, valued at approximately $293 million. The attacker utilized a forged cross-chain message to…
The Shai Hulud worm has compromised more than 26,000 public repositories in a supply chain attack. The attack targeted various npm packages, exploiting vulnerabilities that allowed unauthorized access to these…
On April 17, 2026, the Ethereum Name Service gateway eth.limo was briefly hijacked due to a social engineering attack against its domain registrar, EasyDNS. An attacker impersonated a team member to initiate an account…
A new wave of the Shai-Hulud malware has compromised nearly 500 npm packages, affecting over 26,000 GitHub repositories. This self-replicating worm, which targets developers' credentials and secrets, has been linked to…