- The blockchain industry experienced a surge in security incidents in H1 2026.
- Most security attacks in the blockchain space have occurred on the Ethereum network.
- DeFi solutions represented the prime targets of blockchain hackers in H1 2026.
Blockchain security firm SlowMist has released its mid-year report for 2026, showing that the ecosystem has entered a new phase. According to the report, AI-driven scams, supply chain attacks, and cross-chain infrastructure exploits expanded the attack surface beyond smart contracts. Meanwhile, global regulation around stablecoins, AML, and VASPs continued to mature.
182 Security Incidents in 6 Months
SlowMist revealed that blockchain security incidents in the first half of 2026 surged to 182, leading to losses of approximately $956 million. That is significantly higher than last year’s 121 security cases, even though the funds stolen during a similar period in 2025 were higher. SlowMist’s data showed that blockchain security issues led to the loss of approximately $2.373 billion in H1 2025.
Related: SlowMist Says SecondFi Wallet Losses Could Exceed $20M
Ecosystem categorization shows that bad actors stole more funds from the Ethereum network in H1 2026. According to SlowMist’s data, hackers stole $134 million from the Ethereum ecosystem during this period, more than the $236.35 million they stole from Binance and the $4.93 million stolen from Arbitrum.
Focusing on project types, hackers targeted more of decentralized finance (DeFi) solutions, which accounted for 116 blockchain security incidents in the first half of 2026. The total amount stolen from DeFi was approximately $490 million. Meanwhile, cross-chain bridges accounted for 20 cases, with about $346 million in losses. Among the identified cases, 85 consist of contract and logic vulnerabilities, and 17 resulted from private key or credential compromises. However, 12 of them were supply chain attacks.
Related: SlowMist Details How a Fake Bot Was Used to Steal a Trader’s SOL
Crypto Threats Expand as Regulation Tightens
SlowMist noted that blockchain attacks in H1 2026 evolved beyond smart contract exploits, expanding into targeting users, developers, AI systems, and cryptographic foundations. It cited the Lazarus Group as the dominant threat in crypto-related cybercrime, highlighting their adoption of increasingly sophisticated laundering strategies as a key issue.
In the meantime, there has been a surge in phishing scams, social engineering, and supply chain poisoning. SlowMist noted that such threats no longer occur in isolation, but increasingly span the entire trust chain, from people and software supply chains to AI systems and cryptographic infrastructure.
Despite the increase in security cases cited by SlowMist, the security company noted that global regulation continued to mature, with stronger oversight of stablecoins, AML, VASPs, cross-border fund flows, and digital asset risk governance. According to the firm, enforcement became more comprehensive as major jurisdictions refined licensing frameworks and compliance requirements.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.