Wu learned that Flow released a technical post-incident analysis report on the security incident on December 27, 2025, disclosing that attackers exploited a type obfuscation vulnerability in the Cadence VM to forge tokens. It was confirmed that approximately $3.9 million worth of assets flowed out through cross-chain bridges (including Celer, deBridge, Stargate, and Relay) before the network suspension. The vast majority of the remaining forged assets have been restricted on-chain or controlled by relevant parties. Flow restored mainnet operation on December 29 using an isolation recovery plan and deployed multiple patches to strengthen static type verification and runtime defenses. Simultaneously, it is cooperating with on-chain forensic institutions and relevant departments to advance the follow-up investigation.