Drift Protocol lost $285M after attackers took over governance, not by breaking code but by abusing approvals.

They used pre-signed transactions, social engineering, and a zero-timelock change to gain admin control, add a fake asset, and remove limits to drain funds.

�� How governance and multisig failures enabled the exploit → https://thehackernews.com/2026/04/drift-loses-285-million-in-durable.html