A vulnerability in Hyperdrive’s contract code allowed third parties to manipulate user positions, with losses reported by a notable community member; the project team has yet to respond.
The Hyperdrive DeFi protocol, part of the Hyperliquid ecosystem, was reportedly exploited, leading to losses of around $700,000. The vulnerability stemmed from users setting Router as Operator, allowing unauthorized third parties to execute calls to whitelisted contracts, including Market. The project's official response is still pending, with the exploit identified by @CryptoNyaRu and @xhanTululu.