Coinbase incurred a loss of approximately $300,000 in token fees after inadvertently approving assets to a 0x Project smart contract, which allowed a maximal extractable value (MEV) bot to siphon off the funds. Security researcher Deebeez from Venn Network highlighted the issue in a post on X, noting that Coinbase’s corporate wallet interacted with 0x’s 'swapper' contract, a tool meant for executing swaps but not for receiving token approvals. This oversight exposed assets to theft, as anyone could call the contract for arbitrary actions. Deebeez shared screenshots showing Coinbase granting approvals for various tokens, which the MEV bot exploited to transfer funds from Coinbase’s fee receiver account. Coinbase's chief security officer, Philip Martin, confirmed the incident as an isolated issue due to a configuration change, assuring that no customer funds were impacted. The company has since revoked the token allowances and transferred remaining assets to a new wallet. Read more AI-generated news on: https://app.chaingpt.org/news