- Trending
- Comments
- Latest
The cryptocurrency industry recorded a dramatic decline in exploit-related losses in May, with total damages falling nearly 90% compared with the previous month, according to blockchain security firm CertiK.
Despite the improvement, cybersecurity researchers warn that persistent vulnerabilities in cross-chain infrastructure and the growing use of artificial intelligence by threat actors remain significant risks for investors.
According to a report by Cointelegraph says crypto projects lost approximately $68.3 million to hacks, exploits, phishing campaigns, and other security incidents during May.
The figure represents a substantial decline from the nearly $650 million lost in April.
The latest numbers make May the third month of 2026 to record crypto-related losses below the $100 million mark, offering a temporary sign of relief after one of the industry’s most damaging periods in recent years.
While overall losses declined, attackers continued to focus on some of the most critical components of decentralized finance infrastructure.
The largest exploit recorded during May targeted Verus Protocol’s cross-chain bridge, resulting in approximately $11.5 million in losses.
A separate attack on THORChain led to another $10.1 million being stolen, making it the second-largest security incident of the month.
CertiK’s findings show that cross-chain bridges accounted for roughly $28.6 million in losses during May, representing about 42% of all stolen funds.
The data reinforces long-standing concerns among security experts that bridge infrastructure remains one of the most vulnerable sectors in the crypto ecosystem.
“After a particularly bad April, May is now the third month of 2026 to record losses under [$100 million],” — CertiK, in a statement posted on X.
The firm’s analysis also found that software vulnerabilities remained the leading cause of losses.
Exploited code flaws accounted for approximately $45 million, or nearly two-thirds of the monthly total. Wallet compromises and stolen private keys were responsible for another $13.7 million in losses.
Industry observers caution that lower monthly losses do not necessarily indicate a safer operating environment.
Data cited by CertiK showed that 29 separate security incidents occurred throughout May, including seven cases involving compromised private keys.
Among the latest attacks were exploits affecting Alephium Bridge and Gravity Bridge, which collectively resulted in more than $6 million in losses.
Researchers argue that attackers continue to evolve their methods, shifting beyond traditional smart contract vulnerabilities and increasingly targeting operational security weaknesses.
Beyond direct exploits, CertiK researchers reported an increase in AI-assisted malware campaigns targeting both cryptocurrency developers and artificial intelligence developers.
According to the firm’s latest assessment, attackers are increasingly compromising code repositories and manipulating AI-powered coding tools to introduce vulnerabilities or facilitate attacks.
Security experts believe the trend could accelerate as advanced AI systems become more accessible to threat actors.
“Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric: defenders need to fix every bug while attackers need just one exploit to steal funds.” Manuel Aráoz, Founder, OpenZeppelin.
The warning comes as the crypto industry continues to recover from a turbulent period marked by several high-profile breaches.
Even with May’s significant decline in losses, analysts note that evolving attack methods and increasingly sophisticated social engineering tactics could continue to challenge platforms throughout the remainder of 2026.
For crypto investors and enthusiasts, the latest CertiK figures provide a cautiously optimistic signal that exploit losses have cooled from April’s extreme levels.
However, the concentration of attacks on bridges, private keys, and AI-related attack vectors suggests that security remains one of the most important factors influencing market confidence and long-term ecosystem growth.
Copyright © 2025 - The Bit Gazette.
