[Cross-chain liquidity protocol CrossCurve attacked due to smart contract vulnerability, approximately $3 million stolen] According to The Block, the cross-chain liquidity protocol CrossCurve (formerly known as EYWA) has confirmed that its cross-chain bridge protocol is 'under attack' due to a vulnerability in its smart contract, resulting in approximately $3 million being stolen across multiple networks. Blockchain security firm Defimon Alerts discovered that the attack exploited a gateway verification bypass vulnerability in CrossCurve's ReceiverAxelar contract. Analysis shows that anyone could use a forged cross-chain message to call the expressExecute function of the contract, bypassing the intended gateway verification and triggering unauthorized token unlocks on the protocol's PortalV2 contract. The protocol, supported by Curve Finance founder Michael Egorov, had previously raised $7 million in funding.