Crypto exploit losses dropped a staggering 90% in May, falling to just $68.3 million from a multi-hundred-million April, according to blockchain security firm CertiK. The sharp decline was driven almost entirely by a collapse in bridge attacks and code-based exploits — the two categories that have historically accounted for the biggest heists.
Bridge attacks vanish
For months, cross-chain bridges have been the crypto underworld's favorite target. Not in May. CertiK's data shows bridge-related losses essentially flatlined. The firm didn't name specific incidents, but the absence of a nine-figure bridge breach — a near-monthly occurrence in 2025 — is the single biggest factor behind the 90% drop.
Code exploits go quiet
Smart contract hacks, flash loan attacks, and other code-level exploits also dried up. Whether that's due to better auditing, slower deployment of new protocols, or attackers simply taking a break is unclear. CertiK's raw numbers don't parse motive. What's clear is that May logged less than a tenth of April's exploit total. That's the kind of swing that gets a security team's attention.
What $68.3 million still means
It's a good month by recent standards. But $68.3 million is still a lot of stolen crypto. A single DeFi protocol going down in June could erase most of May's gains. The industry has been here before — a quiet month followed by a monster exploit. CertiK's monthly dashboard will be worth watching when June's data drops in a few weeks.
