Venn Network reported that anomalous transactions exposed a backdoor in thousands of uninitialized ERC1967Proxy smart contracts, leaving more than $10 million at risk. The attacker front-ran deployers, set malicious implementations, and spoofed Etherscan upgrade events so contracts appeared normal while calls were forwarded through attacker-controlled logic. Venn, Dedaub, SEAL 911, and other responders ran a 36-hour coordination effort to help protocols reconfigure or upgrade vulnerable contracts and withdraw funds before the attacker moved. The thread cautiously points to a sophisticated actor and mentions Lazarus as a suspected possibility, but the evidence in the excerpt centers on the proxy abuse, mitigation work, and rescue of DeFi funds.