This statement just adds more confusion. Says wasn't frontend issue, but a machine. ByBit claims it was injected javascript. But if serving systems for SAFE or frontend were compromised, why target just ByBit when there is 100B in SAFE's? Was SAFE hosting a specific UI for ByBit on a dedicated machine that got compromised? Post-mortems are only effective if teams are transparent on the exact technical issues, so that users can make informed safety choices. The blame game and vague statements from both ByBit and SAFE is pretty underwhelming here.