Losses from crypto-related exploits dropped sharply in May, giving the industry a much-needed break after a tough April.
Blockchain security firm CertiK reports that crypto projects lost about $68.3 million to exploits in May, almost 90% less than the $650 million lost in April. This makes May one of the least damaging months of 2026 for cybersecurity.
Even though losses were much lower, attacks still happened in different parts of the crypto world. Phishing scams stole about $2.6 million, and around $9.4 million was recovered or returned in May.
The biggest incident was with Verus Protocol’s cross-chain bridge, which lost about $11.5 million. Another major attack hit THORChain, with over $10 million stolen.
CertiK said code vulnerabilities were still the most expensive problem, making up about two-thirds of all losses in May. Wallet and private key compromises were the next biggest source of stolen funds.
Attackers kept targeting cross-chain bridges, showing that security is still a big concern for systems connecting different blockchains.
Security researchers also noted a rise in AI-assisted malware and more advanced attacks on crypto developers. Sometimes, attackers tried to compromise code repositories and tamper with AI coding tools used by developers.
Even with better numbers in May, security experts warn that cyber threats are still a big challenge for the digital asset industry. They say projects need to keep investing in audits, monitoring, and risk management.
Combining all the incidents in May we’ve confirmed ~$68.3M lost to exploits with
~$2.6M of the total attributed to phishing.After a particularly bad April, May is now the third month of 2026 to record losses under 100M$.
More details below 👇 pic.twitter.com/GSWTLKXWDH
— CertiK Alert (@CertiKAlert) May 31, 2026
Stay informed with the latest trends in Web3, blockchain innovation, and cybersecurity updates at 3verseTV
You need to login in order to Like
Leave a comment