So I'm reading up on the 2017 Parity blockchain hack and it's just absolutely hilarious.
The exploited bug is like "accidentally" allowing anyone on the internet to just call any method in some code. And the code manages your bank account.
https://blog.openzeppelin.com/on-the-parity-wallet-multisig-hack-405a8c12e8f7/
Nice list of most important exploits: https://dasp.co/