Hunter ₿eaṩt @HunterBeast - 3mo
Yes, Taproot addresses (bc1p) are just encoded public keys, so they are vulnerable.
