🟠The #stablecoin protocol ResupplyFi just took a heavy hit — losing nearly $9.6M in a classic price manipulation exploit. The vulnerability? A flaw in their ResupplyPair contract tied to synthetic stablecoin cvcrvUSD.
🟠Here’s what happened: the attacker inflated the share price in Resupply’s wstUSR market, using that artificial valuation to borrow $10M reUSD with minimal collateral. The funds were then washed through Tornado Cash, swapped to $ETH , and split between two wallets.
🟠Blockchain security firm Cyvers broke down the attack, highlighting failures in oracle checks, input validation, and edge-case testing. Essentially, all the usual DeFi landmines — still unfixed.
🟠Resupply has paused the affected contracts and promised a full post-mortem “soon.” But as usual, the damage is done. Another protocol, another lesson ignored.
🔍 In 2025 alone, crypto exploits have already racked up $2.1B+ in losses — and the year’s only halfway through. Until protocols start treating security as infrastructure (not an afterthought), this won’t be the last.
Buy and Trade $ETH here