According to @DecurityHQ postmortem report, after negotiations with the hacker, most of the 5 million stolen from 1inch has been returned, with the hacker keeping a portion as a bug bounty. The attack was caused by a vulnerability in the Fusion v1 smart contract, primarily affecting those using outdated versions of the resolver. Regular users’ funds were not impacted. H/T @WuBlockchain