Blockchain security firm CertiK has reported an exploit involving the Ethereum infrastructure platform Syndicate after a compromise of the Commons bridge. According to CertiK, a single address acquired approximately 18.5 million SYND tokens and sold them for roughly $330,000.
The proceeds were then bridged to Ethereum.
Syndicate Promises User Compensation
The breach severely impacted Syndicate’s native token. Data from CoinMarketCap shows SYND fell more than 37% in the past 24 hours, dropping to $0.021.
Syndicate Network, which builds infrastructure for application-specific blockchains with on-chain sequencers, confirmed the Commons bridge compromise on X and said it is investigating unusual movements of SYND tokens.
In its most recent statement, the team said it is tracing the attack, collaborating with security firms, and advising users to avoid providing liquidity until the situation is resolved. Syndicate also said it is exploring options to compensate affected users and that it holds sufficient token reserves to support those who lost SYND.
Rampant Hacks
This incident follows a string of high-profile exploits. Less than two weeks earlier, the KelpDAO attack—one of the largest crypto exploits of 2026—resulted in over $293 million being drained via a cross-chain bridge vulnerability. Chainalysis described that incident as a sophisticated attack on off-chain infrastructure.
Attackers in the KelpDAO case compromised internal RPC nodes and disrupted external nodes with DDoS attacks, sending false data to a single-point verification system. That manipulation caused an Ethereum contract to release funds tied to a fabricated token burn. Because the fraudulent activity appeared normal on-chain, typical security checks failed to detect the breach.
More recently, Volo Protocol reported a security breach that led to losses of about $3.5 million from its vaults. The exploit affected three vaults holding WBTC, XAUm, and USDC. Volo’s team said it detected the incident, notified the Sui Foundation and ecosystem partners, and froze the affected vaults. All vaults were later paused as a precaution while the investigation continues.