Thank you for sharing this warning.
Fortunately, Kelp DAO has regained control of their account on X. They have stated that their official domain, smart contracts, and dApp were not affected by what happened to their X account, and they assure they are safe to use now. The hacking occurred due to a third-party application that granted unauthorized posting permissions to the attackers in their official X account.
From what happened, we can infer that it's essential not to connect our social media accounts to any unknown third-party applications, as they can exploit these permissions and gain partial or full access to the account. Research, focus, and attention are crucial when encountering suspicious tweets from projects we follow. Never open any link without reading it thoroughly and confirming that it is the official domain.
[1]
https://twitter.com/KelpDAO/status/1737518521507250481