BlockThreat - Week 6, 2026
Bear markets don’t slow hackers down. They make them deadlier. The data reveals why 2026 is shaping up to be brutal and highlights the latest emerging threats.
Only $725K were lost this week across nine incidents. The majority of losses were attributed to a mishap at Bithumb which managed to gift its users $142M before clawing back all but about $400K. Coinbase disclosed another PII exposure tied to a subcontractor, an incident that finally pushed it to move customer support in-house after the previous breach cost the company $400M.
This week marks the four year anniversary of the Wormhole bridge hack in February 2022, when attackers stole $325M by effectively printing money. Wormhole wasn’t just a bridge failure. It was one in the series of $100M+ hacks that signaled the end of the bull market and the beginning of the 2022 downturn.
Bear markets have a habit of revealing truths we prefer to ignore. As we slide into another one in 2026, the question isn’t whether history will repeat, but how closely. Which attack vectors thrive when liquidity disappears? Which threat actors become more active when exits shrink and attention fades? And which defenses quietly fail once incentives flip?
In this week’s edition, we dig into those patterns. As a bonus, I’ll lay out projections for how the blockchain security industry is likely to evolve over the coming months and years and highlight the critical lessons and focus areas users, defenders, and auditors need to internalize if we want to make it through the next downturn relatively unscathed.
You’ll also find coverage of an exciting new AI security competition from EF, recent wrench attacks and arrests, practical techniques for bypassing common anti-phishing transaction simulators, and deep dives into the latest attack patterns and bug-hunting techniques.