An analysis of 45 blockchain security incidents in June 2026, highlighting $79.06 million in disclosed losses, the month’s largest hacks, attack classifications, weekly trends, and the networ
An analysis of 45 blockchain security incidents in June 2026, highlighting $79.06 million in disclosed losses, the month’s largest hacks, attack classifications, weekly trends, and the networks and exploit techniques most frequently targeted.
Across the 45 incidents recorded in June 2026, attackers walked away with exactly $79,056,941 in disclosed losses. This figure represents the sum of every numeric loss recorded in the dataset. It excludes three incidents where the loss amount was explicitly logged as “Not Disclosed,” while including two incidents where the exploit was recorded but resulted in no direct financial loss ($0). Of the 45 incidents, 40 reported a disclosed loss greater than zero, averaging $1,976,424 per incident. Every event in the dataset occurred between June 1 and June 30, 2026, confirming that this report covers a complete single-month period.
The Costliest Hacks of the Month
One incident dominated June’s threat landscape. Humanity, compromised through a private key attack affecting both Ethereum and BSC, accounted for $32,000,000 in losses alone, representing 40.5% of the month’s total disclosed losses.
The second and third largest incidents, Syscoin Bridge ($8,000,000 through a fake proof exploit) and JaredFromSubway ($7,500,000), brought the combined losses of the top three incidents to $47,500,000, accounting for 60.1% of all disclosed losses during June.
Top 10 Costliest Incidents
- Humanity – Ethereum/BSC | Infrastructure | Private Key Compromised | $32,000,000
- Syscoin Bridge – Syscoin | Protocol Logic | Fake Proof Exploit | $8,000,000
- JaredFromSubway – Ethereum | Other | Other | $7,500,000
- Secret Network – Secret | Protocol Logic | Unbacked Mint via ICS-20 | $4,670,000
- Polymarket – Polygon | Other | Other | $3,000,000
- RetoSwap – Monero | Protocol Logic | ACK Frontrun Attack | $2,700,000
- TSR – BSC | Protocol Logic | Infinite Mint and Dump | $2,500,000
- Tessera DAO – BSC | Other | Access Control | $2,400,000
- SecondFi – Cardano | Infrastructure | Predictable Private Key Exploit | $2,400,000
- TesseraDAO (TSR) – BNB Chain | Infrastructure | Private Key Leakage | $2,400,000

Top10 costliest june hacks
Beyond the top five, losses declined sharply. Incidents ranked six through ten all fell within a narrow range of $2.4 million to $2.7 million, while no incident outside the top three exceeded the $5 million mark. This distribution shows that only a handful of attacks were responsible for nearly two-thirds of the month’s total financial damage.
Notable Incidents
The Humanity breach remained the defining security event of June. Its $32,000,000 loss, caused by a compromised private key spanning Ethereum and BSC, was more than four times larger than the second-largest incident.
TesseraDAO (TSR) appears twice within the dataset, seemingly referring to the same $2,400,000 incident on BSC/BNB Chain. One entry classifies it as an Access Control issue under the “Other” category, while the second categorizes it as an Infrastructure incident caused by Private Key Leakage.
Another significant incident involved Syscoin Bridge, where a fake proof was accepted by the bridge verification logic, resulting in an $8,000,000 loss and highlighting ongoing risks associated with cross-chain validation mechanisms.
When the Loss Amount Isn’t Known
Three incidents were recorded without disclosed financial losses. These include Yield Yak on Avalanche and Gitcoin on Ethereum, both attributed to Frontend Attacks, along with Flooring Protocol & BitmapPunks on Ethereum, which involved a BT404/DN404 ownership logic vulnerability.
Because these incidents are excluded from the reported total of $79,056,941, the month’s actual financial impact is likely higher than disclosed.
Two additional incidents resulted in zero financial loss despite confirmed vulnerabilities. These involved Flooring Protocol (DN404 Forge Loop on Ethereum) and Gnosis Pay (Zodiac Delay Module Exploit on Gnosis Chain), where the vulnerabilities were identified without any funds being stolen.
Where the Losses Actually Came From
June’s incidents were classified into five categories: Protocol Logic, Infrastructure, Other, Token, and Bridge.
Protocol Logic remained the most common category, accounting for 30 of the 45 recorded incidents (66.7%). These included smart contract vulnerabilities such as oracle logic errors, mint-and-dump attacks, and frontrunning exploits.
From a financial perspective, however, Infrastructure incidents proved significantly more damaging. Although only eight Infrastructure incidents were recorded (17.8% of total incidents), they accounted for $36,878,500, or 46.6% of all disclosed losses, largely driven by the Humanity compromise.
The category breakdown was as follows:
- Protocol Logic: 30 incidents resulting in $27,331,541
- Infrastructure: 8 incidents resulting in $36,878,500
- Other: 3 incidents resulting in $12,900,000
- Token: 3 incidents resulting in $246,900
- Bridge: 1 incident resulting in $1,700,000

incidents vs losses classification
Together, Bridge and Token incidents accounted for only 2.5% of the month’s disclosed losses.
How June Unfolded Week by Week
Incident activity remained relatively steady throughout most of June, although financial losses were heavily concentrated during the middle of the month.
The reporting period between June 8 and June 10 recorded 11 incidents but produced the highest weekly loss total of $36,195,679, driven almost entirely by the Humanity compromise.
The following week, June 15 to June 21, recorded the highest number of incidents (14), although total losses were considerably lower at $21,206,500.
Both activity and losses declined significantly toward the end of the month, with only two incidents recorded between June 29 and June 30, resulting in just $159,500 in disclosed losses.
Weekly totals:
- June 1 – June 7: 13 incidents, $15,819,962
- June 8 – June 10: 11 incidents, $36,195,679
- June 15 – June 21: 14 incidents, $21,206,500
- June 23 – June 25: 5 incidents, $5,675,300
- June 29 – June 30: 2 incidents, $159,500

weekly trend june
Chains, Languages, and Techniques
Ethereum appeared in 18 of the 45 incidents, either independently or alongside another blockchain, making it the most frequently affected network during June. BSC followed with nine appearances, while BNB Chain was mentioned four times. Monero and Polygon each appeared twice, while Secret, Solana, Syscoin, Gnosis Chain, Avalanche, Cardano, Cosmos, Namada, Starknet, Sui, and X (the social platform, linked to a social-engineering incident) each appeared once.
Solidity remained the dominant programming language, appearing in 25 incidents, reflecting Ethereum and BSC’s continued prominence. Thirteen incidents listed the language as “Not Specified,” primarily within the Other category where technical details were unavailable. Rust-based projects accounted for three incidents, while Java, Cairo, and Move each appeared once. One social-engineering incident listed the language as “Not Applicable.”
Attack techniques remained widely distributed. “Other” was the most common label with four incidents, while DN404 Forge Loop, Social Engineering, and Frontend Attacks each appeared twice. The remaining incidents were spread across more than 30 distinct exploit methods, including Fake Proof Exploit, ACK Frontrun Attack, Infinite Mint and Dump, Predictable Private Key Exploit, and Zodiac Delay Module Exploit.
Key Takeaways
- The Humanity private key compromise alone accounted for $32,000,000, representing 40.5% of all disclosed June losses.
- Protocol Logic remained the most common attack category with 66.7% of incidents, but Infrastructure failures generated the highest financial damage, accounting for 46.6% of total losses.
- Nearly half of the month’s losses occurred during the June 8–10 reporting period following the Humanity compromise.
- Ethereum, BSC, and Solidity continued to dominate the blockchain security landscape, both in terms of affected projects and exploit activity.
Conclusion
June 2026’s security data demonstrates how a single major infrastructure failure can define an entire month’s financial impact, despite Protocol Logic vulnerabilities remaining the most common type of incident. The Humanity private key compromise, resulting in $32,000,000 in losses, exceeded the second-largest incident by more than four times and alone accounted for over 40% of all disclosed losses. This highlights how one operational security failure can outweigh the combined impact of dozens of smaller smart contract exploits.
Incident activity remained relatively steady throughout most of the month, with between 13 and 14 incidents recorded across three separate reporting periods before slowing considerably during the final days of June. Ethereum and its closely related ecosystems, BSC and BNB Chain, continued to dominate the incident landscape in terms of affected projects, attack techniques, and financial losses.
Overall, the June dataset reinforces a continuing industry trend: protecting private keys and administrative infrastructure remains just as important as auditing smart contracts, since a single infrastructure-level compromise can outweigh an entire month’s worth of protocol-level vulnerabilities.