ANKR and Stader's liquid staking protocols on BSC are vulnerable to sandwich attacks where attackers can stake immediately before reward distribution, capture a disproportionate share of newly minted rewards via the updateRatio() function, and exit with profits via DeFi markets before actual reward distribution occurs. The root cause is that rewards are distributed collectively but users can claim their share immediately despite their capital not being deployed during the staking period.
A crypto trader lost $50 million in a single token swap transaction on Aave through CoW Protocol due to extreme slippage (99%+) when attempting to trade a massive order against shallow liquidity pools. Arbitrage bots and block builders captured ~$43 million in profit from the price dislocation, with the user having explicitly confirmed slippage warnings on their mobile device.