An attacker has exploited a governance misconfiguration in the Token of Power (TOP) Aragon DAO. They reportedly used majority voting power to mint tokens and drain roughly 944 WETH, which is worth around $1.58 million, from a Balancer V1 liquidity pool on Ethereum. Various blockchain security firms flagged the incident, relying on the effective vector, which showed that TOP’s total token supply was just 16,384 tokens, and the attacker held slightly more than half of them.