A compromised Uno Re deployer private key let an attacker transfer contract ownership, alter the claims assessor role, and drain SSIP, SSRP, and Rewarder contracts. Uno Re reported losses of 32.4 million UNO, 127.9 thousand USDC, 59.3 thousand USDT, and 18.4 ETH, with stolen UNO sold through Uniswap and PancakeSwap before proceeds were moved through exchanges, mixers, swaps, and additional chains. Forensic work suggested the attack may be part of a broader operation targeting developer and deployer accounts, with DareNFT and LunaFi cited as related examples, but the report did not attribute the activity to a named threat actor. Uno Re planned multisig, contract-permission, monitoring, decentralization, audit, and bug-bounty changes while pursuing fund recovery and LP compensation.