An independent security researcher discovered a critical vulnerability in its Retail Advanced Trading platform. The bug allowed users to sell cryptocurrencies they did not own without owning them. The researcher, aka Tree of Alpha, said he received a bounty of $250,000 for discovering the bug. The amount is the “largest-ever” bounty paid by the company, according to the researcher. The company says the vulnerability’s impact was restricted as the vulnerable API was only used by the platform’s retail Advanced Trading service.”]
Source: https://www.cuinfosecurity.com/market-nuking-coinbase-api-bug-halted-new-trading-orders-a-18582