June starts rough for crypto security as Gnosis Pay and TesseraDAO report attacks

The cryptocurrency market has already suffered from two separate exploits affecting Gnosis Pay and TesseraDAO in the first days of June, leading to the loss of millions.

The cryptocurrency industry has been plagued with a string of exploits that have renewed the debate about whether or not AI-powered tools are helping exploiters discover vulnerabilities faster. 

What happened to Gnosis Pay?

Gnosis Pay, a platform offering a self-custody crypto card, was one of the targets of an exploit this week. The platform has a “delay module” feature designed to protect users, and under normal conditions, it imposes a three-minute wait on outgoing transactions to give users time to react.

However, a bug allowed an attacker to bypass this protection. Gnosis Pay posted on X (formerly Twitter) at the beginning of June that it was investigating the vulnerability. The company’s co-founder, Martin Köppelmann, urged users to withdraw their funds immediately.

“If you are a Gnosis Pay user – unfortunately I have to recommend: withdraw all funds (EURe and GNO),” he wrote.

He also confirmed that Gnosis would cover all user losses. 

The team also requested bridge validators to pause activity in order to stop the cross-chain movement of potentially affected funds. As of now, Gnosis has not published a full post-mortem report detailing the total amount drained.

Some users on social media compared this incident to an earlier exploit of a third-party Safe module, but no direct connection between the two events has been established. 

TesseraDAO loses $2.5 million in mint and dump attack 

Approximately 19 hours before it was made public, an attacker minted 99 million TSR tokens on BNB Chain and swapped them for roughly $2.5 million in USDT, causing the price of TSR to crash by 99%.

After the swap, the exploiter moved the stolen funds across chains to Ethereum and began laundering the money. PeckShield reported that the exploiter had already sent 1,285.5 ETH through Tornado Cash, a mixing protocol used to hide transaction trails.

TesseraDAO has not yet issued a public response to the exploit.

The TesseraDAO exploit followed a pattern that has become common in 2026: mint, dump, bridge, launder. PeckShield separately reported that as of June 1, the crypto industry had suffered 14 major cross-chain and bridge-related exploits in 2026, with hackers extracting a cumulative $340.7 million from bridging protocols alone.

In April 2026, Cryptopolitan reported that $625 million was stolen across roughly 28 to 30 separate attacks. The Drift Protocol ($285 million) and KelpDAO ($293 million) hacks accounted for nearly all of that damage.

In May, CertiK’s monthly report revealed 60 confirmed incidents, the highest monthly tally of 2026, resulting in approximately $68.3 million in gross losses. Code vulnerabilities drove 66% of those losses at $45.13 million, while bridge exploits pulled in the largest dollar figure by incident type at $28.62 million. $9.38 million of the stolen funds were recovered in May, representing a recovery rate of about 13.7%.

Manuel Araoz, the founder of blockchain security firm OpenZeppelin, recently warned that he considers “all of DeFi unsafe,” arguing that coding agents are better at finding vulnerabilities than human defenders are at patching them. 

Slow Mist’s founder has also called on DeFi teams to deploy AI defensively and run attack simulations at least once per quarter.

Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free.