Alephium Bridge Hacked for $815K as Bridge Attacks Hit $326M

- Off-chain backend vulnerability in Alephium Bridge enables forged VAAs and unauthorized token mints - Cross-chain bridge exploits in 2026 push total losses above $326 million On May 30, 2026, Cryptopolitan reported that a backend vulnerability in the Alephium Token Bridge allowed attackers to create 13.76 million unauthorized wrapped ALPH tokens, outstripping the actual token supply on other chains. According to Cryptopolitan on the same day, the attackers also stole around $815,000 in funding. As a result of the incident, the Alephium team immediately urged liquidity providers to withdraw from ALPH pools to prevent further losses, and they warned that continued liquidity could enable additional theft. Analysts initially considered whether compromised guardian keys played a role; however, they determined that the exploit targeted an off-chain vulnerability in the bridge’s backend. According to Cryptopolitan, this weakness enabled forged Verified Action Approvals (VAAs) and unauthorized token minting on Ethereum and BNB Chain. In addition, the attacker absconded with other assets, including USDT, USDC, WETH, and WBTC. This exploit adds to a series of cross-chain bridge attacks in May 2026, as similar incidents impacted Gravity Bridge and Verus-Ethereum. According to industry reports cited by Cryptopolitan, bridge-related hacks this year have collectively driven total industry losses above $326 million.