THORChain says a malicious node operator exploited a weakness in its GG20 threshold-signature setup, draining about $10.7M from one of the protocol’s vaults. In response, the team has published a recovery plan to limit user impact and is rolling out additional safeguards to reduce the chance of similar incidents happening again.
