Gnosis Safe Users Targeted in $3.2M Base and Ethereum Exploit

A significant security exploit has occurred on the Base and Ethereum blockchain networks, compromising the safety of Gnosis Safes users.

The attack, which was detected on May 25, 2026, resulted in approximately $3.2 million being stolen from 86 Gnosis Safes within a two-hour timeframe.

The vulnerability was attributed to a smart contract called SquidRouterModule, which had been whitelisted by the victims as a legitimate Safe Module.

According to reports, the attacker used an immutable string provided by the caller as proof of security, which was visible in the publicly available source code. This allowed the execution of calldata within an array, enabling the withdrawal of funds from the Gnosis Safes regardless of token type.