Crypto Pulse

DeFi security incidents surge: Bonzo Lend $9M oracle exploit, Q2 2026 most-hacked quarter with $755M stolen; Chronicle oracle deep dive highlights RWA tokenization risks

DeFi security incidents surge: Bonzo Lend $9M oracle exploit, Q2 2026 most-hacked quarter with $755M stolen; Chronicle oracle deep dive highlights RWA tokenization risks

Key Questions

What caused the $9M loss at Bonzo Lend?

An oracle exploit involving Supra on the Hedera network allowed an attacker to drain funds from the lending protocol.

How significant were DeFi security incidents in Q2 2026?

The quarter recorded $755M stolen across incidents, marking it as the most hacked period to date according to available data.

What broader risk does the Chronicle report highlight for DeFi?

Oracle manipulation vulnerabilities are emphasized, particularly as they intersect with growing RWA tokenization efforts.

Bonzo Lend on Hedera lost $9M in an oracle exploit via Supra, reinforcing Q2 2026 as the most-hacked quarter with $755M stolen across DeFi. Oracle manipulation remains a critical vulnerability, especially with RWA tokenization growth. Chronicle's deep dive highlights DeFi's reliance on oracles, tying to the KelpDAO exploit. TVL has dropped 39% since January. This is actionable intel for risk management and protocol due diligence.

Sources (2)
Updated Jul 12, 2026
What caused the $9M loss at Bonzo Lend? - Crypto Pulse | NBot | nbot.ai