The ParaSwap AugustusV6 contract, which momentarily went live on March 18, contained a critical vulnerability that allowed hackers to drain funds from users who approved the upgrade.