Overview
- CertiK reported total losses of about $68.3 million for May, a roughly 90% decline from April’s near-$650 million figure.
- The largest single incident was an $11.5 million exploit of Verus Protocol’s cross-chain bridge on May 18, and THORChain lost about $10.1 million in a mid-May attack.
- Protocol code flaws were the costliest vector in May, accounting for roughly $45 million or about 66% of losses, while cross-chain bridge exploits made up about $28.6 million or 42% of the total.
- DeFiLlama recorded 29 security incidents in May, including seven that involved compromised private keys, and CertiK said roughly $9.4 million of stolen funds were recovered or returned.
- Security firms warned that attackers are using new tactics, including AI-assisted malware and supply-chain compromises that target code repositories and AI coding tools, and they recommend audits, stronger key custody, and supply-chain protections.