The exploits appear to be rooted in an issue with Vyper, an alternative programming language for smart contracts.