DigitalMoneyBox Signal Desk
DigitalMoneyBox Crypto market intelligence
Browse sections
Security Protos

DeFi platform Summer Finance loses $6M in vault exploit

DeFi platform Summer Finance, which offers “institutional DeFi Vault infrastructure for everyone” has been hacked for approximately $6 million. The sum was drained from its Lazy Summer USDC vault, managed by risk advisor...

78 /100
Market signal

Watchlist

Published in the last two hours. Multiple named entities are involved.

DeFi platform Summer Finance loses $6M in vault exploit

DeFi platform Summer Finance, which offers “institutional DeFi Vault infrastructure for everyone” has been hacked for approximately $6 million.

The sum was drained from its Lazy Summer USDC vault, managed by risk advisor Block Analitica. Summer Finance confirmed the exploit and has paused vaults while investigating the cause of the loss.

#PeckShieldAlert @summerfinance_ has been exploited for $6M ethereum:0x6b175474e89094c44da98b954eedeac495271d0f pic.twitter.com/VEPF5HUgvH

— PeckShieldAlert (@PeckShieldAlert) July 6, 2026

Read more: DeFi drama: ENS governance battle, EF cuts and Gnosis reboot

According to blockchain security auditor BlockSec, the loss was caused by a price manipulation attack. The hacker first “accumulated a large amount of deprecated vgUSDC, likely at negligible cost” before using the tokens to carry out a “share-price distortion” and withdrawing USDC from the vault.

The hack represents just over a quarter of Lazy Summer’s pre-exploit TVL, according to DeFiLlama data. The team has sent an on-chain message to the exploiter, requesting they get in touch.

A $2M slippage slip-up, and a $70B bullet dodged

Elsewhere, an unlucky user appears to have lost approximately $2 million when their trade was routed through an illiquid Uniswap v3 pool.

According to Decurity, which flagged the transaction, the majority of the back-running MEV bot ($1.8 million) was paid as a tip to TitanBuilder.

In better news, blockchain security firm Hexens disclosed a bug on Aptos on Sunday, which it estimates “put up to $70 billion at systemic risk.”

1/
we found a bug in the Aptos Move VM that put up to $70B at systemic risk. type confusion at the execution layer. a ~90% success rate across hundreds of simulated runs on a 30+ validator cluster. cost to build the attack infrastructure: $3,000.

Conducted by @kemmio , to our…

— hexens (@hexens) July 6, 2026

Read more: MEV bot JaredFromSubway.eth loses $7.5M to approvals honeypot 

Highlighting the find, Polygon CTO Mudit Gupta called it “the worst kind of bug possible.” He explains that the “arbitrary state write bug” puts “most assets across all chain[s]” at risk.

Got a tip? Send us an email securely via Protos Leaks. For more informed news and investigations, follow us on XBluesky, and Google News, or subscribe to our YouTube channel.

The post DeFi platform Summer Finance loses $6M in vault exploit appeared first on Protos.

Why this matters

Aptos is showing up inside the Stablecoins theme, so this story is worth tracking for follow-through rather than treating it as a one-off headline.

Original source

Read on Protos

Related market context