Q2 2026 Breaks Record with 83 Crypto Hacks, $755M Stolen

The second quarter of 2026 set an alarming new record for crypto hacks, with 83 incidents reported, according to DefiLlama data cited by Unfolded. These breaches resulted in $755.3 million in losses, making Q2 2026 the most-hacked quarter by incident count, though it trails Q4 2020’s $3.56 billion in financial damage.

Key to these losses were two major breaches: KelpDAO’s $293 million hack and Drift Protocol’s $280 million exploit. Notably, cross-chain bridge vulnerabilities emerged as the dominant attack vector, accounting for $351 million—or nearly half—of the quarter's total losses. The LayerZero OFT bridge exploit alone facilitated the KelpDAO breach, highlighting the persistent fragility of bridge protocols.

The frequency of incidents underscores a troubling trend: hacking activity in DeFi is escalating even as the total value locked (TVL) in decentralized finance has dropped sharply. TVL now stands at $73 billion, down from $164 billion in late 2021, according to Dmytro Tarasiuk, product director at CORE3 and CER.live. He attributed the rising vulnerability to protocols being developed faster than they can implement adequate risk management—a gap attackers are quick to exploit.

Bridge Exploits Lead the Way

Bridge exploits continue to dominate, with the $293 million LayerZero breach responsible for over 38% of the quarter's stolen funds. Other significant attack vectors included compromised admin accounts, which drove 37% of losses, and private key theft, accounting for 5.66%. Key incidents included Taiko’s $1.7 million bridge exploit and Humanity Protocol’s $36 million loss in early June. Notable smaller breaches involved Aztec Connect and Raydium, highlighting that attackers are targeting a wide range of projects, from major players to deprecated contracts.

These vulnerabilities are not isolated to DeFi. Cybersecurity incidents spiked across other sectors in Q2 2026, including critical infrastructure and enterprise IT. On June 17, tens of thousands of Fortinet firewalls were reportedly compromised, while ransomware attacks have remained consistently high, with 772 victims recorded in April alone. The surge in crypto exploits is part of a broader wave of cybercrime targeting weak security measures across industries.

Crypto Security at a Crossroads

Mitchell Amador, CEO of Immunefi, a bug bounty platform, warned that advances in artificial intelligence could be exacerbating these trends. He described the rise of AI-enabled hacking as a “vulnerability apocalypse,” with attackers leveraging machine learning to exploit weaknesses at unprecedented scale. This has led to increasing calls for tighter regulation and more robust risk management in both DeFi and traditional industries.

Despite the stark figures, the total financial losses in Q2 2026 are significantly lower than historic peaks, such as Q4 2020. This disparity may reflect a smaller pool of total capital available to attackers due to declining crypto valuations and reduced TVL in DeFi. However, the growing incident count suggests that attackers are adapting, focusing on smaller-scale, frequent exploits rather than single, massive heists.

As the quarter nears its end, the crypto industry faces mounting pressure to address these vulnerabilities. With bridge exploits leading the charge, developers and security teams will need to prioritize risk mitigation strategies, including independent audits and more secure key management practices, to fend off what has become an increasingly sophisticated threat landscape.