Module attribution and Safe response

Source: cointelegraph2026/05/25 08:00

If you have any feedback or questions about this content, please contact us at crypto.news@kcex.com

The suspected root cause is a vulnerability in SquidRouterModule, which allegedly allowed the attacker to impersonate authorized delegates and trigger unauthorized token swaps, Blockaid said.

Safe Labs CEO Rahul Rumalla said the accounts “do not seem to be operated on official Safe Wallet product,” adding that it remains unclear how and where they were created and managed, likely created through externally deployed integrations.

Source: Rahul Rumalla

He said Safe Wallet surfaces such risks through “Safe Shield,” a feature designed to flag potentially malicious or unverified modules and guards before they are used. The CEO added that the exploited module had already been flagged as malicious by Blockaid, which is included in Safe Shield’s risk detection ruleset.

Cointelegraph approached Safe and its CEO for comment but did not receive a response by publication time.

Magazine: ETH bears growling, Tom Lee’s buying, XRP to ‘explode’: Market Moves

More on the subject

Disclaimer: The articles reposted on this website are sourced from public platforms and are for reference only. These articles do not represent the views or opinions of KCEX. All copyrights belong to the original authors. If you believe that any reposted article infringes upon the rights of a third party, please contact crypto.news@kcex.com for removal. KCEX makes no representations or warranties regarding the timeliness, accuracy, or completeness of reposted articles, and shall not be liable for any actions or decisions made based on such content. Reposted materials are for informational purposes only and do not constitute advice, endorsement, or basis for any commercial, financial, legal, and/or tax decisions.