Cross-chain bridges, which allow users to move cryptocurrency between different blockchains, have become a major target for hackers, causing investors to withdraw billions in locked funds. The total value locked (TVL) on blockchain bridges fell below $45 billion on June 27, down from approximately $50 billion in May, representing a 10% decline in just over a month. This pullback reflects growing concern about the security vulnerabilities that plague these critical infrastructure components.

Why Are Bridges Such Attractive Targets for Hackers?

Bridges serve as the connectors between separate blockchain networks, enabling users to transfer digital assets seamlessly across different ecosystems. However, their complex architecture creates multiple security weak points that hackers actively exploit. According to a Chainlink report, bridge exploits account for approximately 40% of all stolen funds in the Web3 sector, with cumulative losses now reaching around $2.8 billion.

The fundamental problem lies in how bridges operate. These systems rely on validators, multi-signature wallets, oracles, and smart contracts to execute transactions across different blockchains. Each of these components introduces potential entry points for attackers. The most common attack patterns include compromised private keys, flaws in signature verification processes, unsafe external function calls, and zero-value exploits that allow attackers to manipulate the system without spending funds.

What Recent Exploits Reveal About Bridge Vulnerabilities?

The scale and frequency of bridge attacks have accelerated dramatically. In May 2026 alone, security firm PeckShield identified 8 major bridge exploits, resulting in approximately $328.6 million in stolen funds. One of the most significant incidents occurred on April 18, when hackers exploited Kelp DAO's LayerZero-powered bridge, stealing more than $292 million. The attackers manipulated a LayerZero packet on UniChain, compromised internal remote procedure call (RPC) nodes, and then launched a distributed denial-of-service (DDoS) attack on legitimate nodes to prevent detection.

Bridge security failures are not new. The industry has experienced major exploits for years, including the 2022 Ronin Bridge hack, where users lost $624 million due to compromised private keys, and the Wormhole exploitation in the same year. More recently, Gravity Bridge suffered a major attack that allowed hackers to steal $5.4 million.

How Are Major Bridges Being Affected?

The recent exploit spree has hit major bridge platforms particularly hard. Some of the most significant declines include:

• Hyperliquid Bridge: TVL dropped from $4 billion in May to just $341 million in June, representing an 91% decline in locked value.
• LayerZero: Experienced substantial TVL reductions following the Kelp DAO exploit and subsequent security concerns among users.
• Coinbase Bridge: Faced major TVL declines as institutional and retail users reduced exposure to bridge-based cross-chain transactions.

These dramatic withdrawals suggest that users are losing confidence in bridge security, even as these platforms remain essential infrastructure for the multi-chain blockchain ecosystem.

Steps to Understand Bridge Security Risks

• Recognize Common Attack Vectors: Bridge exploits typically involve compromised private keys, signature verification flaws, unsafe external calls, and zero-value exploits that manipulate the system without requiring attackers to spend funds.
• Understand Architectural Complexity: Bridges rely on multiple layers of validators, multi-signature wallets, oracles, and smart contracts, each creating potential security entry points that attackers can target.
• Monitor Historical Patterns: Major bridge hacks like Ronin (2022), Wormhole (2022), Kelp DAO (2026), and Gravity Bridge demonstrate that vulnerabilities persist across different bridge designs and operator teams.
• Track TVL Movements: Significant withdrawals from bridge platforms often signal growing security concerns among users and may indicate elevated risk periods for remaining locked assets.

The concentration of stolen funds through bridge exploits raises fundamental questions about the viability of current cross-chain architecture. Ethereum co-founder Vitalik Buterin addressed these concerns in 2022, expressing skepticism about the security model underlying bridges. He stated that while he remains optimistic about a multi-chain blockchain ecosystem where different communities can operate independently, he is pessimistic about cross-chain applications due to inherent security limitations.

"The fundamental security limits of bridges are actually a key reason why, while I am optimistic about a multi-chain blockchain ecosystem, I am pessimistic about cross-chain applications," Buterin explained.

Vitalik Buterin, Co-founder of Ethereum

Buterin further noted that many in the blockchain community focus excessively on preventing 51% attacks, where an attacker controls the majority of a network's computing power. However, he argued that blockchains maintain many of their security guarantees even after such attacks occur, and preserving these guarantees should be the priority.

The current bridge security crisis reflects a broader tension in Web3 infrastructure. As the ecosystem expands across multiple blockchains, the demand for seamless cross-chain transactions grows, yet the technical solutions available today carry significant risks. The $2.8 billion in cumulative bridge losses represents not just financial damage but also a critical challenge to user confidence in decentralized finance (DeFi) platforms. Until bridge architecture fundamentally improves or alternative solutions emerge, users and developers will likely continue to exercise caution when moving assets across blockchain networks.