Svmuu News: Blockchain security firm Hexens disclosed that it discovered a critical vulnerability in the Aptos blockchain’s Move Virtual Machine (Move VM) in February of this year. The vulnerability was patched within hours of being reported, and no funds were lost. Hexens stated that the vulnerability stemmed from a caching flaw that could lead to a type confusion vulnerability, allowing an attacker to theoretically gain access to high-privileged roles such as stablecoin minting, cross-chain bridges, and DeFi protocols. The research team set up a simulation environment closely resembling the mainnet using a server costing approximately $3,000 and tested the exploit path about 20 times, with approximately 17 to 18 successful attempts. They estimated that the vulnerability could have impacted approximately $250 million in Aptos’ native TVL; if it had further affected infrastructure such as cross-chain bridges, stablecoins, and centralized exchanges, the theoretical systemic risk exposure could have reached as high as approximately $70 billion. Aptos stated that the vulnerability has an extremely low exploitability in a live environment and noted that it had been promptly patched through its bug bounty program, with no impact on any users or funds.