- Aztec Network suffered a second $2 million hack this week, targeting its deprecated Private Rollup Bridge.
- The exploit used the bridge’s emergency ‘escapeHatch’ function, bringing 2026’s bridge hack total to 14 with over $340 million lost.
- Security analysis indicates both of this week’s hacks were caused by similar “public input binding issues” in old, immutable contracts.
Aztec Network has been hit by another $2 million exploit on June 18, 2026, marking its second major security breach within a single week. This latest incident targeted the deprecated Private Rollup Bridge, draining roughly $2.15 million in cryptocurrency assets.
Consequently, the firm stressed that the affected contract was immutable and had been sunset in 2022. Security researcher Vishal Singh was first to flag the loss, which manipulated the bridge’s emergency withdrawal mechanism.
Yu Xian, founder of SlowMist, lists three suspicious transactions that carried out the drain. He explained the attacker tricked the escapeHatch function during brief windows when it was open.
Meanwhile, this incident follows Sunday’s loss of $2.2 million from Aztec Connect. According to analysis from BlockSec, both exploits were caused by “public input binding issues.”
Today’s hack brings the 2026 tally of bridge-related exploits to 14, with over $340 million lost in total. The DeFi community continues to grapple with persistent vulnerabilities in legacy systems, even as new threats emerge.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
