On September 8, a security researcher published a blog post reporting that the developers behind the Shiba Inu coin — one with reality-defying levels of popularity at #13 on the list of coins by market cap — had apparently published their AWS credentials to Github. After making the discovery, his team attempted to contact the developers, but were not able to find a bug bounty program, responsible disclosure policy, or even people they could reach out to personally.
Luckily for Shiba Inu (and somewhat miraculously), the tokens were invalidated two days later before anyone malicious apparently took advantage of the vulnerability. The researcher wrote that the exposure had "the potential to cause serious security breaches, including but not limited to user fund theft, token embezzlement, disruption of services, etc."