Fourteen crypto bridge protocols were compromised in May, draining a total of $340.7 million. The haul makes last month the most expensive on record for bridge-related thefts this year, outstripping any single previous month in 2026. The attacks hit at least a dozen different platforms, with some bridges taken offline for days after the exploits.
The May toll
Each of the 14 incidents targeted a cross-chain bridge — software that lets assets move between blockchains. The attackers exploited vulnerabilities in smart contracts, private key management, or validator sets. In several cases, the bridges had been audited but still contained flaws that went undetected until the hacks. At least three of the exploits returned roughly $9 million in stolen funds after negotiations with the hackers, but the bulk of the money – over $331 million – remains unreturned.
Why bridges keep getting hit
Bridges hold large pools of locked crypto, often with complex code that handles multiple chains. That complexity creates surface area for bugs. The same pattern played out in 2022 and 2023, but the industry hasn't found a way to eliminate the risk. Projects have added monitoring tools and insurance funds, but attackers continue to find new entry points. May's wave shows the problem hasn't gone away.
What's being done
Several affected bridges have paused withdrawals and announced plans to deploy patches. At least two teams said they will re-audit their entire codebase. A handful of decentralized autonomous organizations that govern the protocols are voting on whether to mint new tokens to cover losses. Those decisions are expected within the next two weeks. On the user side, many have already pulled liquidity from bridges that weren't compromised, moving assets back to native chains as a precaution.
The broader security picture
The $340.7 million figure accounts for a significant share of all crypto theft in 2026 so far. Analysts inside security firms say the May spike underscores a persistent weakness in the infrastructure that connects blockchains. Unlike exchange hacks, which often trigger immediate regulatory responses, bridge exploits have drawn less attention from lawmakers — partly because the money often moves across multiple jurisdictions in minutes. Whether that changes after this month's tally remains an open question. The next concrete signal will come when the first post-mortems are published, likely by mid-June.
