Huma Finance has reported a $101,000 exploit involving its deprecated V1 BaseCreditPool contracts on the Polygon network. The breach, which occurred on May 11, allowed an attacker to siphon 82,316 USDC and 19,075 USDC.e due to a logic error in the credit-lifecycle management of these outdated contracts. Importantly, no user deposits were compromised, and the incident was limited to pool owner and protocol fees. The exploit was attributed to a preventable access-control flaw, highlighting the risks associated with leaving old smart contracts active. Huma Finance's newer V2 deployment on Solana and its PayFi Strategy Token (PST) remain unaffected and fully operational. The company quickly communicated the breach, emphasizing the safety of user assets and the integrity of its current systems. This incident underscores the need for rigorous audits of deprecated contracts within the DeFi ecosystem to prevent similar vulnerabilities.