Safe{Wallet}'s forensic statement says the Bybit attack attributed to Lazarus was enabled by a compromised Safe{Wallet} developer machine that led to a disguised malicious transaction proposal for a Bybit Safe account. External reviewers did not find vulnerabilities in Safe smart contracts, front-end source code, or related services. Safe rebuilt and reconfigured its infrastructure, rotated credentials, restored Ethereum mainnet service in phases, and warned users to remain cautious when signing transactions.