CoinVoice recently learned that, according to the official blog, 1inch disclosed that it discovered a security vulnerability on December 9, where the attacker fraudulently gained access to the private keys belonging to the owner of the 1inch Labs parser smart contract.
The attacker exploited this access to change the contract settings and transferred funds from the 1inch parser. 1inch stated that its team acted quickly to resolve the issue, the attacker revoked the stolen access, and 1inch strengthened its security measures to prevent such incidents from happening again in the future.
1inch stated: "Since our protocol is non-custodial, user funds are safe. The 1inch application and infrastructure are unaffected and remain completely secure." [Original link]