the bybit example is the best illustration of this, a $1b operation with dedicated security teams, and the attack vector was social engineering on a developer, not a technical exploit.
technical knowledge narrows your attack surface. it doensn't eliminate the human layer, and the human layer is always the softest target.
Social engineering is an underrated form of scam and hacking. It reduces your intelligence level to zero. Once the person is able to penetrate and convince you to trust him or her, you will neglect some of the measured security flaws, which ordinarily you know the danger of doing something you are asked to do that will cost you your fortune in most cases the person have to realize how stupid they were after they have been hit.
