Marco Croc, an anonymous cybersecurity researcher at Kupia Security, discovered a potential reentrancy vulnerability in the DeFi protocol Curve Finance. He published an article on the X platform explaining that the vulnerability could be exploited by hackers to manipulate balances and withdraw funds from the liquidity pool. Marco Croc received a $250,000 bounty for disclosing the vulnerability.
Curve Finance said that the threat of this vulnerability was classified as "less dangerous" and they believed that the stolen funds could be recovered in this case. However, any security incident of any scale "could cause serious panic once it occurs." After a thorough investigation, Curve Finance awarded Marco Croc the highest vulnerability bounty of $250,000. (Cointelegraph)