Real-time deepfakes, phishing attacks, supply chain compromises and cross-chain vulnerabilities will likely be the root of some of the biggest hacks in 2026, according to CertiK senior blockchain investigator Natalie Newson.

The industry has already lost over $600 million to hacks in 2026, due largely to two North Korea-linked crypto thefts in April, including the $293 million Kelp DAO exploit on Saturday involving a single point-of-trust failure in cross-chain messaging protocol LayerZero’s infrastructure, and the $280 million exploit of the Drift Protocol.

Another DPRK-linked attack involved the use of AI for social engineering. Crypto wallet Zerion revealed on April 15 that North Korean-affiliated hackers used AI in a long-term…