best mitigation imo: get off EVM shi and get on to Solana. Leverage Zeus to maintain bitcoin custody without wrappers and bridge tech, and leverage Solana's expanding de-fi ecosystem to put your bags to work. Best of all worlds: POW corn custody and store of value meets Solana speed, scalability, security, UI/UX superiority and breadth of de-fi applications.
Another Ethereum re-entrancy attack as @pendle_fi gets exploited - ongoing.

As of September 30, 2025 (around 4:44 PM GMT), multiple X users have flagged suspicious activity on Pendle Finance, a leading DeFi yield tokenization protocol. The claims describe a malicious actor minting Principal Tokens (PT) for Pendle's wrapped version of Ethena's USDe (pUSDe) without depositing underlying assets—essentially creating them "out of thin air"—then dumping them on markets to extract value. Over $1 million in ETH has reportedly been withdrawn from the attacker's address so far, with fears of escalation.

This echoes tactics from past DeFi exploits, like the September 2024 Penpie hack (a Pendle-integrated yield optimizer), where attackers created "evil markets" with fake contracts to inflate rewards and drain ~$27M in assets (converted to 11,109 ETH).

The exploiter is allegedly calling Pendle's minting functions (via mintPY or similar) on a malicious Standard Yield (SY) contract for pUSDe, bypassing collateral requirements. This floods the market with discounted PT-pUSDe tokens, which are then swapped for ETH or other assets. PT tokens represent the principal portion of yield-bearing assets (e.g., locked USDe), redeemable at maturity; minting them without backing devalues pools and enables dumps.

Extracted Funds: Initial traces show ~$1M+ in ETH bridged/withdrawn, per wallet monitoring. No confirmed total loss yet, but rapid dumping could cascade into liquidity crunches.

Affected Assets: Primarily PT-pUSDe (Pendle-wrapped USDe from Ethena). pUSDe ties into Ethena's synthetic dollar ecosystem, which has seen heavy Pendle integration for fixed-yield strategies.