Attackers have exploited a bug in the Osmosis exchange to the tune of $5M as FireStake validators admit to their role in racking up roughly $2M before stepping forward.