North Korea's Lazarus APT has successfully stolen $290 million from Kelp DAO by exploiting vulnerabilities in LayerZero, with a subsequent attempt to steal an additional $95 million thwarted. The attack involved suspicious cross-chain activity related to rsETH, prompting Kelp DAO to pause contracts across multiple networks while investigating. The incident highlights the threat posed by state-aligned groups, which shifts the threat model from traditional criminal activity to geopolitically motivated operations, requiring a distinct approach to mitigation1. The Lazarus Group's involvement underscores the sophistication and capabilities of nation-state linked actors in the cyber domain. This incident demonstrates the importance of robust security measures and collaboration between organizations to counter such threats. The geopolitical implications of state-aligned cyber activity make it essential for practitioners to reassess their threat models and develop strategies to counter these emerging threats.