Forged Cross-Chain Message Let Attacker Seize Bridged DOT and Cash Out $237,000
The exploit bypassed state proof validation on a bridge contract, gave the attacker admin control over the bridged Polkadot token, and enabled minting and selling the full supply.