Coinbase lost $300,000 in token fees after mistakenly approving assets to a 0x Project smart contract, enabling an MEV bot to drain the funds. Security researcher Deebeez reported that Coinbase’s corporate wallet interacted with a vulnerable “swapper” contract, exposing tokens like Amp and DEXTools to theft. The MEV bot, described as “lurking,” exploited the error. Coinbase’s chief security officer confirmed the isolated issue, stating no customer funds were affected, and the company revoked token allowances and relocated remaining funds to a new wallet.