TLDR
- May 2026 recorded $68.3 million in cryptocurrency exploit losses, representing a 90% decrease from April’s $650 million total
- This marks the third time in 2026 that monthly losses have remained below the $100 million threshold
- Verus Protocol suffered the month’s most significant attack, losing $11.5 million through a cross-chain bridge vulnerability
- Approximately 66% of total losses, around $45 million, stemmed from code-related vulnerabilities
- Cross-chain bridge platforms bore the brunt of attacks, representing 42% of aggregate monthly losses
Cryptocurrency platform exploits resulted in $68.3 million in losses during May, as reported by blockchain security provider CertiK. This figure represents a dramatic decline of approximately 90% compared to April’s $650 million in losses.
The security firm released its findings via X, highlighting that May becomes the third month this year where aggregate losses stayed beneath the $100 million mark.
April had emerged as one of the most devastating months for crypto security incidents. Setting aside the massive $1.5 billion Bybit breach from February 2025, April’s damage represented the most severe monthly total since March 2022. The Kelp DAO incident, which saw $291 million compromised, stood out as April’s primary contributor.
May, in stark contrast, demonstrated considerably less severe activity.
Phishing schemes accounted for $2.6 million of the month’s total damage. Approximately $9.4 million in compromised assets were either recovered or voluntarily returned throughout the period.
Cross-Chain Infrastructure and Coding Errors Dominated Security Failures
The month’s largest security breach targeted Verus Protocol’s cross-chain bridge infrastructure on May 18, resulting in $11.5 million being stolen. THORChain experienced the second-most damaging incident, with a mid-May exploit costing the platform $10.1 million.
Cross-chain bridge technology emerged as the primary target throughout May, accumulating $28.6 million in losses—representing 42% of the month’s total damage.
Coding vulnerabilities proved to be the dominant root cause when measuring losses by dollar value. Approximately $45 million, constituting roughly 66% of aggregate losses, originated from defective code implementations. Wallet breaches and private key compromises ranked second, with $13.7 million stolen through these methods.
According to DeFiLlama’s tracking data, May witnessed 29 distinct security incidents. Private key compromises accounted for seven of these events.
The month’s final two incidents, both documented on May 30, affected Alephium Bridge and Gravity Bridge. Alephium sustained $815,000 in losses while Gravity Bridge experienced a $5.4 million breach, with both incidents attributed to compromised private key security.
CertiK additionally identified an uptick in AI-powered malware campaigns throughout May. Threat actors specifically targeted cryptocurrency and artificial intelligence developers by infiltrating code repositories and manipulating AI-powered coding assistants into executing malicious operations.
Despite the significant improvement from April’s figures, security analysts emphasize that cross-chain bridge infrastructure and private key management continue to represent critical vulnerability areas as 2026 progresses.
Get 3 Free Stock Ebooks
Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.
- Top 10 AI Stocks - Leading AI companies
- Top 10 Crypto Stocks - Blockchain leaders
- Top 10 Tech Stocks - Tech giants
