PANews reported on May 1st that Purrlend suffered a security incident on April 25th, resulting in a loss of approximately $1.52 million on its HyperEVM and MegaETH deployments. Attackers compromised two-thirds of the team's administrator multisignature wallets, granting malicious addresses multiple administrator privileges, including BRIDGE_ROLE. They then minted approximately 2 million pUSDm and 4.85 million pUSDC without collateral using the mintUnbacked function, using these as collateral to borrow real assets from the liquidity pool. HyperEVM lost approximately $1.2 million, and MegaETH lost approximately $325,000. Purrlend has suspended the protocol, revoked permissions, and contacted law enforcement and blockchain analytics firms to trace the funds. The root cause of the incident was the lack of a time lock in the multisignature configuration, rather than a vulnerability in the smart contract logic. The team is exploring compensation options.