According to SlowMist, the Ronin Bridge was attacked because the weights were modified to unexpected values, allowing funds to be withdrawn without any multi-signature threshold checks. Previously, Ronin Bridge was attacked, involving funds of $9.33 million. Ronin Bridge was subsequently deactivated and the team is investigating reports of potential MEV vulnerabilities.