A typo in the Zerocoin source code costs the company more than $585,000 in losses. The bug was created due to one extra character left inside the source code that allowed the unknown attacker to reuse his/her existing valid proofs to generate additional Zerocin spend transactions. The team is set to release an urgent fix within the next 24 hours, so all pools and exchanges are advised to update their software as soon as the release is out. By initiating one transaction, the attacker received Zcoins multiple times over.
Source: https://thehackernews.com/2017/02/zcoin-zerocoin-typo.html