Safe — Cyber Attacks, Breaches & Threat Activity

Threat entity extracted from intelligence sources

Frequency
4
occurrences
First Seen
May 25, 2026
Last Seen
July 3, 2026

Safe is a organization tracked across 4 threat clusters and 4 intelligence report mentions on ThreatCluster. First observed May 25, 2026; most recent activity July 3, 2026.

Related Threat Clusters

  • Bybit Hack: $1.5 Billion Theft by North Korean Hackers

    In February 2025, a major hack on the Bybit cryptocurrency exchange resulted in the theft of $1.5 billion in Ethereum. The attack was attributed to the North Korean Lazarus Group's TraderTraitor subunit, exploiting a…

    2 articles · Updated June 9, 2026
  • Gnosis Pay Exploit Targets Delay Module, User Losses Expected

    Gnosis Pay experienced an exploit on June 1, 2026, affecting its delay module, which controls transaction permissions for users' Safe wallets. Co-founder Martin Köppelmann confirmed that the attacker could initiate…

    6 articles · Updated June 1, 2026
  • Exploit of Safe Wallet Module Leads to $3.2M Theft

    A vulnerability in the third-party module 'SquidRouterModule' exploited Safe wallets, resulting in a loss of $3.2 million. The attack affected at least 86 accounts on Ethereum and Base, with stolen tokens converted to…

    4 articles · Updated May 25, 2026
  • Gnosis Pay Suffers $1.5 Million Exploit Due to ERC-1271 Vulnerability

    On June 1, Gnosis Pay experienced a significant security incident due to a flaw in the ERC-1271 signature verification logic within the Zodiac Delay Module. This vulnerability allowed attackers to deploy contracts that…

    2 articles · Updated July 3, 2026

Recent Intelligence Reports

  • Gnosis Pay Shares Details of Security Incident on June 1 — Cryptonews · July 3, 2026
  • From Bybit's $1.5B Hack to Musk's IPO Chaos: Why Investors Are Turning to IPO Genie — Streetinsider · June 9, 2026
  • Gnosis Pay Hit by 'Delay Module' Exploit as Gnosis Pledges to Cover User Losses — Thedefiant · June 1, 2026
  • Squid and Safe Labs say third-party module behind $3.2M exploit — Bitget · May 25, 2026

CVSS v3.1 Breakdown