Kelp DAO claims that LayerZero's default single-authentication configuration was the real reason for the $290 million bridging vulnerability being compromised.

CoinFeed reported on April 20th that, according to CoinDesk, Kelp DAO attributed a recent cross-chain bridge attack involving approximately $290 million worth of rsETH to a breach of LayerZero's default "1/1" single-validation configuration and its own infrastructure. The attackers compromised two LayerZero servers used for validating cross-chain transactions and launched a DDoS attack on a backup server, redirecting DVN traffic to the compromised node, thereby transferring approximately 116,500 rsETH from Kelp's LayerZero bridge.