Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Pundi AI recently experienced a security breach resulting in the unauthorized minting of 1 million tokens. The incident was caused by a vulnerability in the token swap contract, which was exploited via a front-running attack during deployment. According to Pundi AI co-founder Danny Lim, the exploit led to the creation of tokens valued at approximately $6 million at the time of the incident. Through coordinated asset freezes and recovery efforts, the team successfully retrieved around 87% of the affected funds. The remaining loss—nearly $2 million—will be fully covered by the project team. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $6,570,000.
- chain: —
- protocol: Pundi AI
- bug_class: access-control
- date_occurred: 2025-07-12
- loss_usd: $6,570,000
- source_id: sm:pundi-ai::2025-07-12