Now Playing
DeFi TVL Exodus, Bridge Exploits & Lazarus Group's $620M Haul
Audio is available on Spreaker — see link below.
Twenty billion dollars has fled DeFi in 2026's first half — and the capital isn't sitting on the sidelines, it's rotating into RWAs and ETF wrappers for structural reasons. Today's briefing covers bridge exploits, Lazarus Group's industrialised theft, Sui's governance crisis, Aave's risk overhaul, and prediction markets' federal breakthrough.
Audio is available on Spreaker — see link below.
Twenty billion dollars has left decentralized finance in the first half of twenty twenty-six, and the pattern of outflows tells you something that monthly exploit figures alone don't: this isn't a bad quarter. It's a confidence problem with the underlying architecture.
Here's what's driving that rotation. In May, bridges accounted for forty-two percent of total losses.
The other structural element worth holding: fifty-five percent of twenty twenty-six theft traces back to Lazarus Group, the North Korea-linked operation. That's six hundred and twenty million dollars across a hundred and eighty-five incidents in the first half of the year alone.
Away from the exploit data, Sui suffered three network halts this year, two of them arriving within a day of each other last week. The governance dimension here is the more consequential story.
Aave's response to the rsETH bridge exploit in April is worth tracking as a potential industry template. The protocol executed two hundred and ninety-five parameter changes in a single month, including a hundred and sixty-eight supply-cap reductions.
On the regulatory side, prediction markets had a productive month. Polymarket re-entered the US market through its acquisition of CFTC-licensed QCEX.
The near-term watchpoints are clear. Whether infrastructure audit frameworks can scale to cover the full attack surface.
Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.