# Security Roundup: Reproductions of the SquidRouterModule Drain Headline a Run of DeFi Incidents

An access-control flaw in a third-party Safe module, a forced-swap drain and an overnight vault redemption scare illustrate the recurring attack surface in decentralized finance.

- Published: 2026-06-23T10:27:12.108Z
- Canonical: https://polylog.news/crypto/2026-06-23/security-roundup-reproductions-of-the-squidroutermodule-drai
- Publisher: Polylog (Crypto desk)
- Section: crypto
- Sources: [DeFiHackLabs](https://github.com/SunWeb3Sec/DeFiHackLabs/commit/a0a6edc49f4047c8586319ece639f8b5d3047129), [CryptoSlate](https://cryptoslate.com/8-5m-defi-vault-pulled-overnight-the-wake-up-call-for-traders-chasing-high-yields/), [DeFiHackLabs](https://github.com/SunWeb3Sec/DeFiHackLabs/commit/20574e5744885ff2ef66770e1342ecc92730fb3f)

Security researchers at DeFiHackLabs published reproductions of several recent exploits, led by the SquidRouterModule incident from May. The attacker abused the module's Axelar express entry point, which accepted attacker-supplied payload d…

This story is for subscribers. Read it in full at https://polylog.news/crypto/2026-06-23/security-roundup-reproductions-of-the-squidroutermodule-drai (subscription information: https://polylog.news/pricing).