Monthly exploit losses plunged 90% to $68.3M in May, but bridges and code vulnerabilities still caused $45M in damage. The June tally will test if the drop is structural or temporary.
Alpha Score of 47 reflects weak overall profile with moderate momentum, weak value, weak quality, moderate sentiment.
Crypto exploit losses fell to $68.3 million in May 2026, down roughly 90% from the $650 million recorded in April. The figure marks the third month this year below the $100 million threshold, according to available data.
The simple read is encouraging: the steep decline suggests security improvements or reduced attack windows are clamping down on exploit volume. April's spike was an outlier driven by a few large bridge attacks. May returns closer to the baseline seen in earlier months.
A closer look at the breakdown complicates the narrative, however. Bridges still accounted for $28.6 million in stolen funds – nearly half the total. Code vulnerabilities caused around $45 million in losses. That means core infrastructure risks remain intact even as headline numbers fall. The drop may reflect shorter attack windows, not fundamentally stronger defenses.
For traders and DeFi participants, the May reading is a reprieve but not a reset. The question is whether the industry is genuinely harder to exploit or simply less targeted in a given month.
Bridge protocols lost $28.6 million in May. While down from April's sum, they remain the single largest category of exploit losses. Cross-chain bridges concentrate liquidity and often involve complex smart contract code, making them attractive targets. The residual $45 million from code vulnerabilities shows that basic software security gaps still produce material theft. Neither category has been eliminated.
Many of the affected networks rely on Ethereum (ETH) or Ethereum Virtual Machine chains. That concentration means a single audit failure or zero-day exploit in a widely used bridge could quickly reverse the trend.
Large exploit events tend to pressure token prices, reduce liquidity on affected platforms, and trigger insurance claims. The smaller May figure reduces short-term tail risk for the broader crypto market. If the trend holds, confidence in DeFi protocols may improve, especially for those with audited code and insurance coverage.
A single bridge exploit can erase months of progress, however, and May's data does not guarantee June will stay low. Protocols that rely on cross-chain liquidity – including those offering yield or leveraged strategies – remain vulnerable to contagion if a major bridge is drained.
The next data point will be the June monthly tally. If exploits stay subdued, the market may start pricing in a lower risk premium for DeFi tokens. If another large bridge attack hits, expect immediate liquidity stress on the targeted protocol and broader sector volatility.
Prepared with AlphaScala research tooling and grounded in primary market data: live prices, fundamentals, SEC filings, hedge-fund holdings, and insider activity. Each story is checked against AlphaScala publishing rules before release. Educational coverage, not personalized advice.