BlockThreat - February, 2026
AI is accelerating both defenders and attackers, surfacing rare bugs and amplifying the cost of simple mistakes, with clear action items for teams.
February 2026 saw $24.8M lost across 37 DeFi incidents. That’s roughly one quarter of last month's total losses, even as incident volume remains high. We didn’t see any mega hacks on the scale of Step Finance, TrueBit, and other major events this month.
On the CeFi side, $5.2M was lost across 4 incidents, with the majority stemming from a private key leak involving South Korea’s National Tax Service. But the month’s most embarrassing failure belongs to Bithumb, which accidentally distributed 2,000 BTC (about $141M) to customers by mispricing an airdrop. Fortunately, the exchange clawed back nearly all of it, with roughly $400K reportedly unrecovered.
Before we get into the monthly stats of top attack vectors and incidents, this edition highlights why a relatively calm month can still be a warning sign. We look at how AI is accelerating both defenders and attackers, surfacing rare high impact bugs, enabling more exotic exploit paths, and amplifying the cost of simple mistakes and fragile dependencies. Each trend includes clear action items you can apply immediately.