News
15 May 2026, 16:00
Lombard joins LayerZero exodus as $4 billion in assets switch to Chainlink's bridge

The shift comes after the Kelp DAO exploit drained $292 million from its LayerZero-powered bridge, increasing concerns over the security of cross-chain infrastructure.
15 May 2026, 13:23
Thorchain Suffers Multi-Chain Exploit— $10M+ Drained Across Blockchains

THORChain suffered a coordinated multi-chain exploit that drained more than $10.8 million from its liquidity vaults. According to Coinglass data, the sudden price drop today triggered an approximately $11.3 million in long-liquidation, while short-positioned traders witnessed a $34.6k liquidation. The THORChain price pullback could seek support at the 38.2% Fibonacci retracement level at $0.526, followed by its next cushion at 50% FIB at $0.5. On May 15th, the THORChain price witnessed a sudden outflow after suffering a sophisticated multi-chain exploit that drained more than $10.8 million from its liquidity vaults. The attack forced validators to halt core network operations and the RUNE price plunged with double-digit loss to breach $0.55 support. THORChain Halts Network Following $10.8 Million Multi-Chain Exploit Cross-chain liquidity protocol THORChain has been completely halted due to a major, coordinated security attack. The hacker managed to siphon out about $10.8 million from the platform’s liquidity vaults, triggering the immediate emergency of network validators, and resulting in double-digit RUNE token losses. The vulnerability was first identified in the early morning hours of Friday, May 15, 2026. On-chain security researcher ZachXBT identified a series of highly unusual, automated outbound liquidity operations that emerged from the main vault addresses of THORChain. Blockchain security firm PeckShield immediately cross-checked the data and found that a hacker was stealing money at the same time in several integrated blockchain networks. Stolen funds THORChain Freezes Operations After Coordinated Multi-Asset Exploit The exploit involved a very sophisticated attack on native assets and EVM-compatible tokens. The attacker managed to accumulate around $10.8 million at a few key address destinations – one for the Bitcoin network (bc1ql4…f6f37) and one for the EVM network (0xd4…890Bd). Current Loss breakdown: Bitcoin (BTC): 36.85 native BTC which is worth around USD $3 million. Ethereum (ETH) & BNB Chain: Roughly 3,443 ETH and 96.6 BNB. Stablecoins & Wrapped Assets: Over $7.2 million in USDT, USDC, and wrapped tokens, which the attacker rapidly swapped out to prevent any remote freezing mechanisms. Stolen Funds Address THORChain node operators intervened quickly to avoid the total draining of the liquidity pools of the protocol. Validators convened an emergency meeting after the finding the unusual transaction in the public ledger and were able to stop all outbound signing and trading operations. Stolen Funds Address The freeze effectively kept the remaining user funds safe in the pools while it has completely suspended the core cross-chain swapping capability of the network. A full technical post-mortem from the THORChain core dev team is still underway, However, p rior to the exploit, bad actors behind a recent breach at liquid staking platform KelpDAO had been actively routing illicit funds through THORChain’s high-velocity liquidity pools. Market Impact and What Comes Next The market was affected immediately. As news of the exploit and the subsequent network freeze spread, THORChain’s native token, RUNE, plummeted between 10% and 15%, falling sharply to around the $0.51 mark. Such hacks can lead to a loss of trust in the protocol from investors and induce significant capital outflows from the impacted protocols. Users are sometimes hastily moving out of funds to withdraw them, causing a drop in total value locked (TVL) and destabilizing the protocol when the exploits hit the core infrastructure, like liquidity pools, bridges, or staking systems. These attacks also increase the regulatory pressure and harm the reputation of decentralized finance systems, making them even more cautious about participating in institutional settings. The increase in the number of exploits could result in increased security expenses, slower adoption, and extended repair times for DeFi projects, potentially limiting the growth of the ecosystem. The THORChain project now faces a challenging road to recovery. The protocol’s development is completely halted, and code is being reviewed by the developers to pinpoint the exact attack path. The community is eagerly awaiting two updates: The official technical post-mortem explaining the flaw and an announcement about possible whitehat bounty negotiation or a plan to reimburse funds to affected liquidity providers. Until then, cross-chain operations remain completely dark. Crypto Hacks Show No Slowdown as DeFi Losses Mount Security vulnerabilities have continued to plague the cryptocurrency sector, showing no signs of letting up. Two key DeFi projects — decentralized perpetual exchange Drift Protocol and liquid restaking project KelpDAO — experienced significant losses worth a combined $600 million in just April. The decentralized finance sector has traditionally been a hot spot for malicious parties, with cross-chain bridges and liquidity protocols often being their first choice. Data from Chainalysis reveals that thefts associated with bridges have reached over $2.8 billion since 2021, indicating that there are significant underlying structural vulnerabilities that are yet to be addressed throughout the sector. THORChain Price Seeks Bullish Support at Key Fibonacci Floors From early-April to May 11th, the RUNE price witnessed a high-momentum rally from $0.376 to $0.638, registering a gain of roughly 70%. The upstream can be attributed to major network upgrades, upcoming high-profile integrations, and a massive, system-wide volume spike from the Kelp DAO laundering funds. However, the coin price witnessed a sudden accelerated pullback following the recent record breach in its own network. The asset price currently trades at $0.526 and holds a $185.39M. According to Fibonacci retracement level, the current correction is seeking support at 38.2% retracement level, which coincides with the $0.527. If the price fails to defend this floor, the coin sellers could drag its price to 50% FIB at $0.494, followed by 61.8% FIB at $0.46. Theoretically, a pullback to 61.8% FIB is still considered healthy retracement for an asset to recoup the exhausted bullish momentum. The RUNE price holding above the 100-day exponential moving average (EMA) also accentuate the mid-term bullish trend in the market. If the buyers manage to hold these support, the RUNE -8.44% price could rebound and attempt a sustainable above $0.6 resistance. RUNE/USDT -1d Chart On the contrary, a breakdown below the 61.8% FIB will accelerate the market selling pressure and strengthen the sellers grip over this asset. The post-breakdown fall could push the asset to $0.41, back to multi-month floor of $0.375 The momentum indicator RSI (Relative Strength Index) dropped to 47% indicating a sudden bearish shift in market sentiment.
15 May 2026, 12:30
THORChain Pauses Trading After Suspected $10M Exploit

Early estimates suggest that more than $10 million may have been stolen, although the exploit has not yet been officially confirmed. The incident only adds to a series of previous operational and security issues surrounding the protocol. THORChain Hit by Suspected Exploit Cross-chain liquidity protocol THORChain temporarily paused trading activity after blockchain investigators raised concerns over a suspected exploit that may have impacted multiple blockchain networks, including Bitcoin, Ethereum, BNB Smart Chain, and Base. The incident was first pointed out by well-known on-chain security researchers ZachXBT and PeckShield , who identified suspicious wallet activity tied to alleged theft addresses operating on Bitcoin and EVM-compatible chains. Early estimates suggest that the exploit may have resulted in losses of more than $10 million, although investigators made it clear that the attack had not yet been fully confirmed at the time of reporting. The latest disruption only adds to a growing list of operational and security-related challenges that have surrounded THORChain over the past two years. The protocol is designed to facilitate decentralized cross-chain swaps without intermediaries, but it has come under scrutiny because of its role in facilitating large asset transfers between different blockchain ecosystems. While this functionality has made THORChain one of the more well known decentralized cross-chain liquidity networks in the crypto sector, it also attracted attention from security analysts and regulators concerned about the movement of illicit funds. The suspected exploit follows a particularly difficult period for the protocol. In January of 2025, THORChain halted its ThorFi lending operations after insolvency concerns surfaced in the community. Validators later implemented a 90-day restructuring plan to stabilise the platform’s operations and restore confidence among users. During that process, the protocol addressed a reported $200 million debt crisis by converting defaulted liabilities into a newly created equity-style token structure. THORChain also repeatedly appeared in investigations involving hacked or stolen crypto funds moving across chains. One of the bigger incidents occurred in September 2025 when THORSwap announced a bounty after approximately $1.2 million was stolen from the personal wallet of THORChain founder John-Paul Thorbjornsen. ZachXBT later linked the activity to suspected North Korean hacking groups. More recently, the protocol was again thrust into the spotlight after the Kelp DAO hack, where stolen ETH was reportedly bridged into Bitcoin through THORChain. The incident contributed to a major spike in the network’s daily transaction volume, which reportedly climbed to approximately $394 million in a single day.
15 May 2026, 12:09
Thorchain Loses Nearly $11M as Attackers Poison Vault Churn Process Across 4 Chains

Thorchain suffered an estimated $10 to $11 million exploit on Friday, after attackers used vault churn address poisoning to redirect funds during a routine migration process across multiple blockchains. Thorchain Funds Compromised Onchain investigator ZachXBT first flagged the incident via his Telegram channel, placing initial losses above $7.4 million before revised estimates pushed the total
15 May 2026, 11:55
Rune tanks 11% after attackers move $10M in THORChain exploit

THORChain, one of the leading decentralized cross-chain DEXs, is the latest victim of a major hack across several blockchain platforms. As per the security warnings issued on May 15, 2026, THORChain suffered losses of about $10 million in cryptocurrencies. The attack targeted the BTC, ETH, BNB Chain, and Base blockchains, with the stolen crypto coins swiftly transferred into certain wallets. So far, the THORChain team has not issued an official comment. Hackers targeting crypto grow bolder Approximately $25 million has been lost to hacks in the crypto space since the start of May. Today’s hack targeted THORChain’s cross-chain liquidity services, enabling unauthorized token withdrawals from pools on the Bitcoin, Ethereum, BNB Chain (formerly BSC), and Base blockchains. While initial estimates pointed to losses of more than $7.4 million, the latest data from security firm PeckShield puts the total figure closer to $10 million. This looks like a well-planned attack, with asset movement occurring over a short period of about 13–14 hours before the leak. #PeckShieldAlert @THORChain has been exploited for ~$10M worth of crypto, including 36.75 $BTC ($3M) and ~$7M worth of assets from #BNBChain , #Ethereum , and #Base . The stolen funds mainly sit in: bc1ql4u94klk265lnfur2ujk9p6uh52f2a8jhf6f37… pic.twitter.com/mhWIWueVPK — PeckShieldAlert (@PeckShieldAlert) May 15, 2026 According to blockchain explorers, ETH inflows, along with other transactions, were detected as late as 9:06 UTC on May 15, 2026. The exact distribution of the stolen crypto has been tracked on-chain. For Bitcoin, about 36.85 BTC ($2.97 million) has been transferred to the wallet bc1q14u94klk265lnfur2ujk9p6uh52f2a8jhf6f37. According to Arkham Intelligence’s portfolio-tracking tool, the wallet contains precisely 36.854 BTC, currently worth $2,969,692. For Ethereum and its derivatives, more than 3,156 ETH, worth $7,112,748 (at an approximate price of $2,253 each), have been received by the address 0xd477b69551f49C0519F9B18c55030676138890Bd. These funds account for the lion’s share of about $7 million from Ethereum, BNB Chain, and Base. The five recent transactions on the Ethereum receiving wallet include several deposits totaling slightly above 13 ETH, as well as one withdrawal of 0.01 ETH. In total, the multichain portfolio that is connected to these wallets is valued at around $7.115 million and closely matches the exploit estimate when combined with the Bitcoin funds. THORChain hack triggers 11% RUNE dip, BTC and ETH hold steady THORChain’s native currency, RUNE, has seen a substantial price decline following the $10 million multi-chain exploit. According to CoinMarketCap data, RUNE is currently valued at $0.5146, down 11.32% over the last 24 hours. The total market cap of RUNE is $180.52 million, while its daily trading volume has skyrocketed to $24.49 million, reflecting panic selling by investors holding RUNE tokens. THORChain’s native token, Rune, tanks by 11%, affected by the hack. Source: CoinMarketCap On the other hand, the rest of the stolen crypto coins have been performing fairly well despite the turbulence. Bitcoin increased by 2.61% over the past 24 hours to $81,667.13, bringing the value of the 36.85 BTC stolen to around $3.01 million. Ethereum remained almost unchanged, rising by only 0.12% to $2,252.88, while the approximately 3,156 ETH stolen remained at $7.11 million. Investors struggle in the current crime-driven markets DeFi security attacks have persisted through May 2026, with some protocols experiencing losses arising from vulnerabilities in their smart contracts on May 10 and 11, including Huma Finance and Ink Finance. As reported by Cryptopolitan, Huma Finance suffered an exploit of its V1 smart contracts deployed on the Polygon blockchain on May 11, resulting in the theft of approximately $101,400 worth of USDC and USDC.e tokens. The attack exploited the BaseCreditPool deployment by leveraging a logic vulnerability in the refreshAccount() function to skip EA approval processes, allowing arbitrary promotions of credit accounts to the “GoodStanding” position. Meanwhile, Ink Finance became a victim of yet another theft totaling around $140,000 from its Workspace Treasury Proxy contract deployed on Polygon. As reported by Cryptopolitan, the attacker deployed a contract whose address was listed on the whitelist, thereby bypassing eligibility checks for authorized withdrawals from the treasury. Ink Finance has not issued a comment regarding the exploit yet. Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free .
15 May 2026, 11:36
THORChain pauses trading after suspected $10M exploit

THORChain paused trading after ZachXBT flagged a suspected $10 million exploit spanning Bitcoin, Ethereum, BNB Chain and Base.









































