Moonwell suffers $1M loss in exploit

The Base-native decentralized lending protocol Moonwell (WELL) has been exploited for approximately $1 million, according to Web3 security firm CertiK. In a post on X, CertiK explained that an attacker was able to deposit 0.02 wrstETH in a flash loan and repeatedly borrow 20 wstETH. The vulnerability appears to stem from an issue with the oracle responsible for returning the value of wrst. The attacker ultimately stole a total of 295 ETH.