PeckShield tweeted that the $aBNBc token contract has an unlimited mint bug. Specifically, while mint() is protected with onlyMinter modifier, there is another function (w/ 0x3b3a5522 func. signature) that completely bypasses the caller verification to have arbitrary mint.
Previously, the Ankr $aBNBc contract was exploited, and trillions of $aBNBc were minted. Ankr said in response that it was working with the exchange to immediately halt trading.