Cryptopolitan

Blockchain project Ice Open Network ($ION), the creator behind the $ION token and the Online+ social network built on BNB Chain, reported a notable security issue that resulted in unauthorized access to identity data. The hacking attempt took place on April 15 and involved the leaking of users’ personal information, including emails and 2FA phone numbers.

However, the developers claim that there are no signs of any fund theft, and the private keys have not been accessed. “The individuals involved were not directly employed by Ice Labs,” the team notes.

Unpacking ION’s insider data breach: What was compromised and by whom?

According to the official statement released by the Ice Open Network, the hacking incident occurred when a server hosting their identity database was breached. An individual stole the information and passed it on to third parties. It should be noted that the hackers were not from the company Ice Labs, but rather four former partners of the service provider.

The aforementioned service provider was hired to handle operational tasks, including coordination, design, management, and public relations.

The leaked information contains names of identity keys, public keys linked to them, email IDs, and telephone numbers used for two-factor authentication (2FA). None of the financial details, private keys, or wallets were compromised by the hack, according to the company’s representatives. 

ION plans on additional measures and will run a migration on Online+  tomorrow. During the migration, the platform is slated to be temporarily unavailable or experience loading issues.

Ice Open Network responds with legal actions

Ice Open Network acted swiftly to address the problem. The firm has already traced the people behind the leak and is taking formal action, including filing a complaint with the United Kingdom’s Information Commissioner’s Office and initiating a criminal complaint with the authorities.

In direct advice to users, Ice Open Network has urged users to update their 2FA settings for both email and phone. This will be done with an added measure: a migration process at Online+, scheduled for the next day, April 21st. There could possibly be some downtime due to this migration process.

Importantly, however, the announcement clearly stated that core functions are completely unaffected. The development of the highly scalable DApp framework, the use of tokenized communities, and the vision for a wider Web3 future on BNB Chain will continue unimpeded.

Reactions from the community have been varied, considering its tumultuous past year. “ZachXBT was right when he said Zeus sold customers’ data in 2020,” an X user stated.

ION put on the spot for fraud activities. Source: X

Those who remained supportive lauded the transparent approach. However, others were frustrated by yet another delay and called for complete information regarding the third-party provider.

 Insider data breaches enter new levels

Several recent crypto security incidents align closely with Ice Open Network’s April 15 data breach disclosure. This has created a strong narrative covered in unauthorized third-party access to non-sensitive identity data.

In a  Kraken’s extortion attempt over insider data on April 13, 2026, a criminal group threatened to release videos of internal system access. Two insider incidents involving the exposure of support data for about 2,000 accounts (0.02 percent of clients) took place.

As reported by Cryptopolitan, no full breach occurred, no client funds were at risk, and no passwords or private keys were compromised. 

Within the first 18 days of April alone, crypto protocol hacks had cost $606.2 million through 12 attacks, which is 3.7× higher than the Q1 2026 total of $165.5 million and the highest monthly hack tally since February 2025.

In just the first 18 days of April, crypto protocols lost $606.2 million across 12 incidents—already 3.7× the entire Q1 2026 total ($165.5 million) and the highest monthly figure since February 2025

As reported by Cryptopolitan, KelpDAO was hacked for $293 million and now stands as the largest single exploit of 2026. Hackers exploited the KelpDAO contract by spoofing a cross-chain message on LayerZero. The attack allowed the hackers to steal roughly 18% of the total circulating supply of rsETH (116,500 tokens).

If you're reading this, you’re already ahead. Stay there with our newsletter.

India and South Korea signed a major trade deal this Monday, aimed at increasing bilateral trade to over $50 billion by 2030. This would effectively double the current annual trade volume between the two nations over the next four years.

South Korean President Lee Jae Myung met with Indian Prime Minister Narendra Modi this Monday to deepen trade alliances between the two prominent Asian nations. This is the first time in nearly a decade that a South Korean President has visited India, and the impact of the meeting that took place is substantial. The goal of India and South Korea’s newfound economic partnership is to increase bilateral trade between the two countries to $54 billion USD over the next four years.

India is quickly becoming the world’s fastest-growing major economy, so it is no surprise that South Korea has moved to get in on the action. This news comes after France and India also recently forged a new strategic economic alliance as major world powers seek to deepen economic ties with the blossoming Indian nation. Regardless, this new trade alliance between India and South Korea is set to usher in a new era of economic progress between both countries.

Details of the new economic alliance

This Monday’s upgrade to the Comprehensive Economic Partnership Agreement (CEPA) between Indian and South Korean leaders resulted in the signing of around 15 new documents. These serve the purpose of boosting economic cooperation across various sectors: clean energy, artificial intelligence, critical minerals and supply chains, semiconductors and advanced technology, shipbuilding, manufacturing, defense, and digital trade. Discussions also led to the establishment of an India-Korea Industrial Cooperation Committee, which will be focused on investment in four of the aforementioned areas of industry, trade, strategic resources, and clean energy.

Each of these newly forged agreements is to act as a framework for the two nations to meet their bilateral trade goal of over $50 billion by 2030. This would require an annual growth rate of roughly 18% from where it stands today at roughly $25-27 billion. Leaders from both nations have committed to ongoing negotiations to expedite the CEPA upgrade to make this happen. These negotiations are to include the removal of non-tariff barriers and additional improvements to reduce friction that would otherwise limit the ease of conducting business.

Why India, why now?

The new economic partnership between South Korea and India is part of a larger shift in economic strategy by major world powers. India is quickly positioning itself as a global production hub as many countries seek to diversify supply chains away from China. However, this is hardly accidental, but part of a larger effort by the Indian government to transform its economy in a way that invites accelerated foreign investment.

India’s Viksit Bharat 2047, which translates to “Developed India 2047,” is the government’s long-term plan to become a fully developed economy by its 100-year anniversary of independence from the British. It is driven by a few major engines such as scaling domestic production, technological leadership, expanding clean energy resources, and low-cost infrastructure expansion. This future-oriented agenda gives foreign partners confidence in the long-term stability of economic partnership with India as they scale their economy with intention.

The crypto card with no spending limits. Get 3% cashback and instant mobile payments. Claim your Ether.fi card.

Coinbase (NASDAQ: COIN) announced that users in the United Kingdom (UK) can now access the crypto loan facilities it opened up for US users last year, according to an official blog by the NASDAQ-listed firm today. 

Per the announcement by the “everything exchange” firm, it will now allow UK customers to put up their BTC, ETH or cbETH holdings as collateral to receive USDC tokens that they can instantly spend on-chain or convert into fiat for real-world expenses while their crypto sits in Morpho vaults.

The launch comes as a potential shot in the arm for the lending market, which is currently assessing losses and dealing with the fallout from the $292 million KelpDAO exploit that has caused more than  $6 billion to be pulled from the leading lending market, Aave alone. 

UK customers can now borrow USDC from Coinbase 

Coinbase’s blog today April 20 unveiled that UK Coinbase users can borrow USDC against their BTC and ETH holdings almost instantly, with up to 3.5% APY in USDC rewards automatically kicking in for Coinbase One members. However, they have to manually opt out if they don’t want it. 

BTC holders can borrow up to $5 million in USDC according to the release, as long as they have the BTC in their portfolio. Morpho handles most of the backend stuff, putting the assets up as collateral in its smart contracts and paying out the USDC loans, while Coinbase handles the frontend, from where customers can use the USDC as they want. 

According to Dune dashboards, close to $2.3 billion of the total amount of loans processed on Morpho have originated from Coinbase, more than double the $1 billion milestone the company celebrated in October 2025. 

Coinbase has facilitated about $2.3 billion in lending activity to Morpho. Source: Dune

The UK launch comes one year after Coinbase rolled out the service to US users, excluding those in New York. 

The UK operation of the US-founded exchange is run by CB Payments, Ltd., a specific subsidiary that is recognized as an Electronic Money Institution by the FCA, having registered with the regulator in February 2025. It has also overseen the rollout of DEX trading in April 2026 and, before that, the launch of savings accounts in November 2025. 

Morpho gains prominence as Coinbase expands credit line 

All of Coinbase’s crypto-backed loan business is directed to Morpho, a permissionless decentralized lending platform built on Base, the Ethereum L2 network backed by Coinbase. 

For now, only BTC and ETH are available for UK borrowers, while US users already have access to loans backed by their XRP, DOGE, ADA, and LTC holdings.

Just last month, Cryptopolitan reported that Coinbase and Better Home & Finance will now allow US home buyers to access credit facilities against their crypto for their mortgages. 

Coinbase also has USDC lending options for users, offering up to 4.1% in rewards on USDC that users commit to the program, which runs through an on-chain integration with Morpho.   

The activity from Coinbase contributes to Morpho being the second-largest crypto lending platform per Defillama data, holding about $6.6 billion in total value locked (TVL) as of April 20, about double the amount held in Justlend, the next largest venue for on-chain borrowing. It also has over $3.7 billion in active loans, second only to  Aave. 

Notably, the platform saw  more than $1 billion pulled out from its vaults in part of the DeFi contagion from the KelpDAO $292 million hack that rocked markets on April 18. Aave, the leading lending market, is approaching $10 billion in lost TVL since the event.

Another thing to look out for as a borrower is the liquidation threshold of collateral. According to Coinbase, “If the amount of your loan, including accrued interest, reaches a certain threshold relative to the value of your collateral, liquidations are triggered.”

If you're reading this, you’re already ahead. Stay there with our newsletter.

The Securities and Futures Commission (SFC) in Hong Kong has launched a new framework that allows authorized tokenized funds to be traded around the clock on licensed platforms.

To support this new system, Hong Kong has launched several projects like EnsembleX and EndembleTX to facilitate the use of regulated stablecoins and tokenized deposits

What products can be traded 24/7?

Hong Kong’s Securities and Futures Commission (SFC) has released a new regulatory framework that allows SFC-authorized tokenized products to be bought and sold on secondary markets, including overnight and on weekends.

As of March 2026, 13 tokenized products were already sold to the public in Hong Kong. The total assets under management (AUM) for tokenized shares have grown roughly seven times over the past year, reaching HK$10.7 billion (approximately $1.37 billion USD).

The new rules aim to integrate traditional finance with the Web3 ecosystem. Officials confirmed that the framework will specifically support using regulated stablecoins and tokenized deposits.

“This initiative allows traditional securities products to be traded at night and on weekends after tokenization, and promotes all-weather liquidity through the use of regulated Stablecoins and tokenized deposits.” Liang Fengyi, the CEO of the SFC, said. 

The SFC stated that the initial batch of products to trade under this 24/7 regime will focus on these low-risk funds to ensure stable operations. After reviewing how these first products perform, the Commission will consider expanding the range of eligible assets.

The framework explicitly allows secondary market trading on SFC-licensed virtual asset trading platforms. However, the SFC also noted that it will consider permitting off-exchange secondary market trading on a case-by-case basis.

How will Hong Kong support this market?

The Hong Kong Monetary Authority (HKMA) and SFC are building a three-layer digital money infrastructure to support these trades.

To make 24/7 trading work, the city implemented a mandatory licensing regime for fiat-referenced stablecoins as of March this year. These are fully backed reserves that have a minimum HK$25 million capital requirement and are designed for retail payments and transfers. 

However, the HKMA has yet to issue any actual licenses as of April 2026, as reported by Cryptopoliitan. The regulator missed its self-imposed March deadline for first approvals. 

EnsembleX was launched in November 2025, and the project runs with real money. Major financial institutions, including HSBC (0005.HK), Standard Chartered (2888.HK), and Bank of China (3988.HK), are participants. 

HSBC has already completed the first cross-bank transaction, moving HK$3.8 million for Ant International in real time. 

EnsembleTX is a platform that settles tokenized deposits between banks, aiming to upgrade to 24/7 tokenized central bank money.

The SFC Executive Director, Yip Chi-hang, confirmed at the Hong Kong Web3 Carnival that this framework is the first globally with predictability for trading tokenized authorized funds. He added that the SFC is also working on a framework for perpetual contracts and margin financing for virtual assets.

If you're reading this, you’re already ahead. Stay there with our newsletter.

Strategy added 34,164 BTC to its treasury, its biggest purchase to date, and the biggest since November 2024. This time, Strategy extended its new fundraising cycle, achieving high demand for its STRC preferred stock. 

Strategy achieved its goal of purchasing more BTC at scale through a new fundraising cycle. The company now holds 815,061 BTC with an average price of $75,527 BTC. 

New BTC purchases accelerated as Strategy’s treasury broke even on average. 

Strategy has acquired 34,164 BTC for ~$2.54 billion at ~$74,395 per bitcoin and has achieved BTC Yield of 9.5% YTD 2026. As of 4/19/2026, we hodl 815,061 $BTC acquired for ~$61.56 billion at ~$75,527 per bitcoin. $MSTR $STRChttps://t.co/NYkkvObeb4

— Strategy (@Strategy) April 20, 2026

The recent purchase was expected after Michael Saylor’s preliminary message, which signaled another large-scale addition. 

The latest purchase arrived as BTC traded above $75,000, though stalling its recent rally at $78,000. Strategy’s move arrives at a time when ETFs and other whales are also accumulating, in expectation of a breakout or long-term growth. 

Strategy achieves STRC goal

Last week’s large purchase revealed the growing demand for STRC, as well as new MSTR issues. The strong STRC demand hinged on April’s ex-dividend date, which usually causes a rush to buy the preferred stock and secure the monthly return of 11.5%. 

For its latest purchase, Strategy sold 21.7M STRC valued at $2.17B, and an additional 2.16M in new MSTR shares, valued at $366M. STRC achieved $2.17B in volume as of April 14, with a total of $2.2B in proceeds for last week. Currently, STRC trades at $99.36, $0.64 below the ATM rate for new sales. 

The success of STRC has sparked hopes of another BTC price cycle, this time fueled by digital credit. 

Starting July 2026, STRC will pay its 11.5% annual dividend bi-weekly, to avoid the crowded sales and spread out raises more evenly, without a big monthly bump in trading. Strategy also aims for less price volatility around ex-dividend dates.

MSTR gets a boost from increased demand

MSTR has returned to its trading pattern of amplifying the BTC price moves. The common stock was not affected by the ongoing dilution and added over 31% to its price in the past week. 

MSTR expanded in the past week, amplifying the BTC recovery. | Source: Google Finance

MSTR is used as a supporting source of liquidity together with STRC. The common stock expanded to $166.52, securing the recent purchase and enough liquidity for dividend payments. 

For now, MSTR looks secondary, but Strategy has authorized another $21M. The ATM facility has $26B in new stock issuance, accelerating the Strategy playbook from its previous plans.

Your keys, your card. Spend without giving up custody and earn 8%+ yield on your balance with Ether.fi Cash.

Crypto funds saw $1.401 billion in weekly inflows for the period ending April 17, 2026. This was the strongest total since January and a third straight week of net positive flows.

According to CoinShares data, the week’s performance was supported by improving risk appetite tied to US-Iran ceasefire extension talks and Bitcoin’s brief move above $76,000. Total assets under management across all products climbed to $154.768 billion.

Crypto funds post strongest weekly total since January

For Bitcoin products, there were $1.115 billion in weekly net inflows. Year-to-date net inflows for Bitcoin products stood at $3.079 billion. Total assets managed by Bitcoin products amounted to $123.022 billion. Inflows in Bitcoin products accounted for about 79.54% of the overall total product flows during the week. Short-Bitcoin products witnessed $1.4 million in weekly inflows.

Data for US Bitcoin ETFs, as provided by SoSoValue, also showed significant inflows for the week. The week ended April 17, 2026, saw $996.38 million in weekly net inflows. Cumulative net inflows increased to $57.74 billion. Previous week net inflows ended on April 10 with $786.31 million, while the week ended on April 2 saw a figure of $22.34 million.

Crypto funds flow by provider. Source: CoinShares

Weekly inflows for Ethereum crypto funds came in at $328 million, which was the highest single-weekly figure recorded since January 2026. For the month-to-date period, inflows for Ethereum products amounted to $435.4 million, while year-to-date inflows for Ethereum products increased to $197 million.

Total assets under management for Ethereum products stood at $19.504 billion. SoSoValue weekly data for US Ethereum ETFs recorded $275.83 million in net inflows for the week ending April 17, 2026.

Provider rankings led by iShares as CoinShares records outflows

Among providers, iShares recorded $1.042 billion in weekly inflows. This brought its month-to-date total to $1.761 billion, year-to-date inflows to $2.764 billion, and total assets under management to $71.592 billion.

ARK 21Shares followed with $106 million in weekly inflows and assets under management of $3.057 billion. However, its year-to-date figure remained at $130 million in net outflows. Bitwise posted $122 million for the week, with month-to-date flows of $156 million, year-to-date inflows of $305 million, and assets under management of $6.621 billion.

Fidelity added $36 million for the week. However, its year-to-date figure remained at $1.122 billion in net outflows. ProFunds Group contributed $9 million.

CoinShares was the largest provider of outflows of the week at $113 million, with month-to-date outflows of $107 million. Grayscale shed $6 million for the week, with year-to-date outflows of $451 million and assets under management of $21.394 billion. 21Shares AG posted a minor weekly outflow of $2 million.

XRP and Solana post outflows as altcoin flows turn mixed

$56.2 million was registered as weekly outflows for XRP, the highest of any altcoin in the period. XRP’s monthly flows were also negative at $37.2 million, but its yearly positive inflows still remained unchanged at $122 million.

Assets under management in relation to XRP products amounted to $2.656 billion. The weekly flow for Solana was slightly negative at $2.3 million. Monthly flows were near zero, with a positive flow of just $0.5 million.

Chainlink added $5.3 million for the week, with a year-to-date total of $47 million. Sui drew $2.2 million and multi-asset products saw $2.6 million in weekly inflows. Litecoin and Zcash recorded no flows for the period.

Crypto funds see US drive 107% of weekly total

The US was the largest weekly contributor with inflows worth $1.494 billion, which is higher than the total weekly inflows. Year-to-date US inflows were estimated to be $2.338 billion. Meanwhile, year-to-date US inflows totaled $2.799 billion.

In Switzerland, the only regional outperformer, the weekly inflows amounted to $137.8 million. On a month-to-date basis, Swiss outflows were valued at $132.2 million. In Germany, week-to-week inflows amounted to $28 million. Month-to-date inflows were estimated to be $75.8 million, while assets under management stood at $6.701 billion.

The Canadian market recorded inflows worth $8.3 million; Hong Kong reported inflows of $3 million, while inflows in Sweden were valued at $3.1 million. Brazil, Australia, the Netherlands, France, New Zealand, and Italy each recorded positive but minimal weekly inflows.

The crypto card with no spending limits. Get 3% cashback and instant mobile payments. Claim your Ether.fi card.

The founder of Tron, Justin Sun, has publicly appealed to the hacker behind the $293 million KelpDAO drain. According to his X tweet, Justin Sun asked the hacker to strike a deal with KelpDAO not to inflict additional harm on the restaking platform and the lending protocol Aave, where the funds had been leveraged as collateral.

“You can’t spend $300 million anyway,” Sun noted, highlighting the practical challenges of laundering or liquidating such a massive sum in today’s tracked blockchain environment. 

KelpDAO’s hack leads to an ongoing fallout

The hack unfolded on April 18 after the hackers attacked the KelpDAO LayerZero bridge, draining 116,500 rsETH tokens from the pool. This represents liquid restaking derivatives for the staked Ether. 

KelpDAO is a multicoin liquidity staking protocol with $1.5 billion in value locked at the time. KelpDAO acted swiftly, suspending all its multisig governance functions, deposit pools, withdrawal pools, oracles, and even the rsETH token on the mainnet and Layer-2 networks. 

Inquiries into the LayerZero network have begun to uncover the underlying reason for the hack, which is said to have stemmed from a single DVN deployment that resulted in a critical flaw.

From there, the attacker moved the illegal rsETH tokens as collateral on Aave and borrowed large sums of actual ETH, causing bad debts to accrue. Contagion set in: Aave’s users began withdrawing funds at a rapid pace, with estimates exceeding $54 billion in assets being pulled from liquidity markets.

Justin Sun was also able to recover about 65,584 ETH ($154 million). At the time of writing, the protocol is still frozen despite the decreasing TVL numbers in DeFi.

Sources told Cryptopolitan that L1 rsETH is completely collateralized, and the pertinent Aave market is “completely solvent.”

In a particular message, it was reported that weETH was unaffected, that liquid vaults were functioning normally, and that LiquidETH and LiquidUSD customers would not experience drawdowns, since any losses from higher borrowing expenses in Aave would be offset.

KelpDAO’s hack tied to an insider job

Adding fuel to the fire of the KelpDAO fiasco is the emerging suspicion that the hack could very well have been an insider job. Crypto community observers suggest that KelpDAO was warned 15 months prior to the attack in their governance forums about the 1/1 DVN issue in LayerZero. 

KelpDAO’s hack is being rumored to be an inside job. Source: X

The protocol’s decision to deploy the weakest possible security setup—a single verifier for a bridge holding hundreds of millions—despite its scale has raised eyebrows.

Traders have traced a similar pattern from previous hacks, now flagged as insider jobs. For example, the BTER exchange breach in 2014.

DeFi hacks terrorize 2026 crypto traders

The KelpDAO hack is the biggest attack on DeFi in 2026 to date, following close on the heels of an even bigger hack. On April 1, Drift Protocol, a Solana-based perpetual exchange, was hacked for $285 million, according to security analysts, who linked the attack to a complex six-month social engineering operation carried out by hackers affiliated with North Korea (UNC4736, or Lazarus Group). 

Hackers allegedly gained access to Drift Protocol’s internal Telegram channels and employed malware to steal users’ funds before moving them to Ethereum.

 Also, in April, other hacks have been reported on Hyperbridge, Grinex Exchange, and Rhea Finance.

Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free.

DeFi is losing capital, after a month with two major exploits and general distrust in Web3 protocols. Some of the funds are redirected to still viable crypto use cases, especially RWA tokens. 

DeFi is shedding capital at an accelerating rate on a mix of technical and financial risks. The exploits of Drift Protocol and Kelp DAO only accelerated the process through DeFi contagion. 

In the past week, Sky Protocol, Spark, Morpho, and EtherFi followed Aave, each losing roughly 10% of their total value locked. Recent data shows the Aave outflows continue and are on track to reach $10B, after whales withdrew their large holdings. 

Ethereum also lost 10.5% of the value locked in DeFi within a week, with 4% outflows for Solana and 6.3% outflows for Base. Even smaller protocols lost their deposits, with high rates no longer attractive. 

Money is leaving DeFi at an unprecedented scale pic.twitter.com/bZ3m40wfs4

— wale.moca 🐳 (@waleswoosh) April 20, 2026

DeFi protocols were seen as one of the viable products in crypto, retaining liquidity and thriving even during bear markets. However, a rush to withdraw funds may undermine the industry and lead to worsening sentiment. The DeFi losses may have ongoing effects on DEX trading, stablecoin usage, and general crypto adoption.

DeFi faces a serious security problem

DeFi faces a serious security problem with multiple vectors of potential exploits. DeFi innovation itself may be threatened, commented Wintermute’s founder Evgeny Gaevoy. 

ngl feels pretty bleak for defi innovation at this stage, especially for the composability side as the spillover effects from any hacks go beyond a single protocol
hunker down and critically re-evaluate your security setup is the right approach currently

— wishful_cynic (@EvgenyGaevoy) April 20, 2026

The main selling point of DeFi was that protocols were permissionless and free for anyone to use. This also meant exploits and attempts to withdraw funds were only noticed when they were successful, with no other vetting or mandatory waiting periods. 

The permissionless nature of DeFi has led to the latest significant hacks, happening just as protocols rebuilt their liquidity. After the 2022 market crash, DeFi took years to rebuild value locked and regain trust. The current fund outflows suggest the sector may not see the same liquidity return quickly.

Liquidity shifts to RWA

Tokenized real-world assets are still a growing narrative, with constant liquidity inflows. US Treasury debt is the most prominent tokenized asset, which often sits at the center of many low-risk DeFi protocols. 

As users abandon risky vaults, the yield from treasuries may be more secure and appealing. Tokenized commodities are also setting new records for value locked and general trading activity. 

In April, tokenized real-world assets broke above the $30B milestone, led by bonds and commodities. Around $13.88 was held in tokenized US Government debt. 

RWA allows the inflow of external value instead of relying on often circular, highly interdependent DeFi valuations. DeFi users have also commented that some yields are relatively low, but still have a high risk of exploits, and traditional interest rates may become more appealing. 

RWA assets are a compromise, allowing users to get on-chain exposure to stocks and bonds. However, for users in regulated markets, the advantages of DeFi are also disappearing. 

Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free.

Bitcoin stayed soft near $75,000, with BTC down 0.29% as market momentum cooled and the crypto sentiment stays neutral.

Open interest stood at $119.56 billion and dipped 0.46%, while liquidations jumped 51.36% to $419.14 million.

Global stocks lost steam after the ceasefire bounce, U.S. futures turned lower, Europe fell, Asia was mixed but somewhat up, and oil surged with WTI at $89.29, while Brent stayed at $96.12.

Token unlocks worth more than $723.89 million are scheduled for the April 20 to April 27 window, according to data from Tokenomist.

For this week, there are eleven major cliff events and five big linear vesting events, while Undeads Games and LayerZero lead the pack for the single-time unlocking category. At the same time, RAIN tops the list for the linear unlocking category.

Undeads Games leads token unlocks this week

UDS has the biggest cliff unlock for the week, amounting to $42.17 million for a total of 24.95 million tokens, equivalent to 15.32% of the adjusted released supply. This is followed by ZRO, which has an unlock of 25.71 million tokens, priced at $41.39 million and representing 5.34% of the adjusted released supply.

In terms of percentage of unlocks, MBG holds the record with an unlock of 16.67% of the adjusted released supply, amounting to 51.15 million tokens valued at $17.45 million.

H is scheduled to release 105.36 million tokens, with a value of $10.98 million, equivalent to 4.02% of the adjusted released supply. Meanwhile, XPL has an unlock of 88.89 million tokens, valued at $9.28 million, equating to 3.83% of the adjusted released supply.

$723.89 Million in Token Unlocks This Week

Total cliff unlock, unlocked immediately after a set period, is $178.29M this week:

• $H $9.91M
• $JUP $8.376M
• $PARTI $8.28M
• $XPL $8.21M
• $SOSO $5.49M

Linear unlocks, slow release over time: $NIL, $KMNO, $BIGTIME,… pic.twitter.com/NPhnYqC1dD

— Cryptopolitan (@CPOfficialtx) April 20, 2026

One of the noteworthy percentages this week is that of HYPER, which has a cliff unlock of 97.05% of the adjusted released supply, equating to 92.11 million tokens priced at $8.62 million. In second place, we have LMTS with 65.04% of the adjusted released supply, equating to 85.43 million tokens with a value of $8.25 million.

INIT will unlock a total of 83.51 million tokens that have a value of $7.45 million, representing 45.57% of the adjusted released tokens. KAITO has 17.60 million tokens, with a value of $7.34 million and 4.93%. On the other hand, SOSO has 13.33 million tokens, with a value of $5.65 million.

RAIN and SOL dominate the linear releases

RAIN leads all linear token unlocks with $71.82 million across 9.50 billion tokens, equal to 1.99% of its circulating supply. The figure makes RAIN the single largest contributor to the week’s total across both unlock categories by a considerable margin.

Solana (SOL) ranks second among linear releases with 466.86 thousand tokens valued at $39.02 million, or 0.08% of circulating supply. CC follows with 191.71 million tokens worth $28.53 million, equal to 0.50% of circulating supply.

TRUMP allocates 6.33 million tokens worth $17.66 million, which constitute 2.72% of circulating supply. This percentage is the highest share in linear allocations within the current week. Worldcoin (WLD), on the other hand, issues 37.23 million tokens worth $9.65 million, which account for

Smaller projects with upcoming vesting events

Apart from the major listings, there are also some smaller projects that will have token unlocks coming up between April 20 and April 27. The next unlock for REVOX (REX) will be 34.38 million tokens, which represent 1.15% of the total locked tokens. The unlock progress is currently 68.44%.

The next unlock for Drift (DRIFT) will be 13.16 million tokens, or 1.32% of the total locked tokens. The unlock progress is currently 18.58%. Yooldo Esports (ESPORTS) will have its next unlock at 43.98 million tokens worth $17.48 million, representing 4.89% of the total locked tokens.

There will be a new unlock batch for Catizen (CATI) of 10.52 million tokens worth $471,300.66, which amounts to 1.05% of its total locked tokens. The percentage for unlock progress for the token is 45.50%. There will also be an unlock for SavannaSurvival (SVSA) amounting to 15.65 million tokens worth $17,864.

There’s a middle ground between leaving money in the bank and rolling the dice in crypto. Start with this free video on decentralized finance.

Kenyan crypto traders have gone on record about the freezing of their Binance accounts, which has persisted for over two months since the DCI made its request. No charges have been filed, no court order has been issued, and no time frame has been given for when the problem will be resolved.

This has sparked debate once again on the issue of striking the fine line between cooperation and user protection in Kenya’s dynamic crypto space.

Kenyan traders’ silent struggles with frozen assets

As mentioned in the X thread by the affected user, he received an email from Binance stating that the funds were frozen on their platform on behalf of the DCI by the National Police Service. However, when he requested more information, Binance replied bluntly that he should contact the police department for further details.

“No complainant identified. No formal charges. No timeline given,” the trader wrote. “Funds remain inaccessible. Meanwhile, real life doesn’t pause. Bills are piling up. Debt is growing.”

The complaint brought to light the frustration of Kenyan traders who see crypto as a path to financial inclusion but suddenly find themselves restricted by an unclear policy.

Traders’ frustrations towards Binance and the Kenyan DCI. Source: X

This is happening at a time when the Kenyan government is increasingly focusing on regulating peer-to-peer trade and virtual asset transfers, especially amid widespread fraud in the country. However, the lack of openness has raised doubts on whether such freezes serve legitimate investigations or risk becoming tools of arbitrary control.

One X user has questioned how the DCI knows Kenyans’ Binance accounts.

Yaani DCI wanajua accounts za Binance how is this even possible? pic.twitter.com/aqQV8cr0Ri

— ︎︎︎︎︎︎︎ ︎Mary Kwamboka (@MaryKwamboks) April 20, 2026

Kenyans stand ready to boycott the exchange if they cannot explain the matter or unfreeze the affected accounts. The #BinanceUnmasked hashtag is already in motion. 

Binance’s global pattern of account locks in partnership with governments

Binance has positioned itself as a leader in compliance, processing over 71,000 law enforcement requests in 2025 alone. It has assisted in the seizure of more than $752 million in illegal crypto assets globally.

However, the exchange routinely freezes accounts flagged by agencies investigating fraud, terrorism financing, or money laundering. This is often in coordination with bodies like the US authorities, Israeli police, and Asia-Pacific task forces. 

In particular, Binance has helped freeze accounts associated with North Korea-based hackers and recover stolen funds from various fraud schemes.

While the exchange touts its importance in the fight against crime with immediate interaction with such agencies as the Beacon Network, there are many others who report the same problems. Their account remains inaccessible for an indefinite period of time, receiving hardly any correspondence and being redirected to some far-flung authority on crime.

However, this compliance-first strategy, although mandated by law, frequently leaves average investors in a state of purgatory, particularly in nascent regulatory environments such as Kenya’s. There is no solace in the typical instruction found on the website to “contact the requesting agency.”

Kenya’s crypto regulations oversight tempered by corruption concerns

Kenya is working to formalize its crypto laws using the VASP Act of 2025 and the VASP Regulations 2026. Both the CBK and CMA are responsible for overseeing regulations that require exchanges, wallets, and stablecoin issuers to obtain licenses, as well as KYC, AML, and CFT regulations. 

As it stands, the platforms should report any suspicious transactions to the FRC and also work with the DCI in investigations. 

However, there is concern that, given the focus on collaboration between law enforcement agencies, the new reforms will exacerbate current weaknesses in the country’s system. 

The corruption cases in Kenya involving law enforcement have made citizens fearful that the freezing of bank accounts could potentially be abused. This year, losses from crypto fraud totaled $43.3 million.

If you're reading this, you’re already ahead. Stay there with our newsletter.

Aave, the leading lending protocol, drew attention to its liquidity profile. Recent research showed major Aave vaults were at 100% utilization, meaning a virtual inability to withdraw funds. 

Aave may be facing a liquidity crisis, as major lending vaults are at 100% utilization. All funds are borrowed, and liquidity providers may not withdraw their collateral. 

The most affected vault is for WETH, the most commonly used version of wrapped ETH tokens. Stablecoin vaults are also getting depleted. 

Aave 的 Ethereum Core 市场 WETH 利用率都被拉满 100% 了

存入的 WETH 都被借光了

同样几乎被拉满的还有 Core 市场的 USDT、USDC 和 Plasma 的 USDT0🧐 https://t.co/LzmFA3qe3m pic.twitter.com/v0Z7JOZUXX

— defioasis.eth (@defioasis) April 19, 2026

WETH is a relatively liquid asset that can be easily traded on other DEX destinations. The main reason for the maxed-out vaults is a peak outflow from Aave, due to exposure to the KelpDAO hack. 

Aave experiences peak outflow

Aave experienced the third-largest outflow in history, with $5B moved through the Ethereum network. The protocol is still checking for bad debt, which may exacerbate the losses from the KelpDAO hack. According to early estimates, Aave may carry up to $196M in bad debt, due to the usage of illiquid rsETH used to borrow WETH. Part of the outflow may come from the exploiters taking out WETH to liquidate and disguise funds.

The outflows diminished the total value locked on Aave to $17.5B, down from a recent peak above $25B. The recent KelpDAO hack showed that Aave did not react automatically to all market-shaking events, but the results depended on exposure. 

As the exposure to KelpDAO’s rsETH threatened liquidity, users turned to safer assets like WETH and stablecoins. The recent incident shows that DeFi lending is at risk due to the increase in large Web3 hacks. The attacks against Drift Protocol and KelpDAO in less than a month put WEB3 security at the forefront, especially in cases of significant liquidity accumulation. 

The effects on Aave may affect DeFi as a whole, as the lending protocol was the main venue for reliable vaults. The recent outflows signal that DeFi as a whole may be at risk, as it concentrates on major protocols. As Cryptopolitan reported, a DeFi contagion may spread to L2 and other protocols. 

Aave liquidity declined even before the KelpDAO hack

In the past month, even without the recent outflows, Aave liquidity declined by around 25% or over $20B. Stablecoin liquidity is also down by 35%, and borrowing is down 10%. 

AAVE tokens were in decline for the past quarter, sinking from a local high of $157. Following the outflows, AAVE crashed from $112 down to $92. 

At the same time, Aave proved relatively resilient as the utilization was only peaking in a handful of markets. The platform carries 215 lending vaults or markets, with an average utilization rate of 37%. 

DeFi lending usually works better during bull markets, but the latest outflows may test Aave’s resilience. Even with relatively stable ETH prices above $2,300, the bad debt and rapid outflows will put pressure on the protocol.

Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free.

RAVE ended its unstoppable rally after an investigation was mounted to check for dishonest trading practices. The Rave DAO team claimed they had no intentions of causing the record pump. 

RAVE tokens ended their record rally, which took the price as high as $27.73 as of April 17. In the past day, RAVE crashed by over 66%, and in total, wiped out 90% of its market capitalization in the past week.

RAVE crashed over the weekend, while team wallets continued to sell, adding another 66% crash in the past day. | Source: CoinGecko.

As Cryptopolitan reported, the RAVE crash was expected, given the unrealistic valuation that crossed $10B within days. 

The RAVE rally was considered unsustainable, eventually ending overnight and sending the token to $0.55. RAVE is yet to return to its previous baseline trading at around $0.30. However, the token may have lost more of its reputation after allegations of insider trading. 

ZachXBT called for a RAVE investigation

On-chain investigator ZachXBT was the main trigger for the price crash. He called for an investigation based on suspicious trading patterns, aiming to claim a $10,000 bounty for discovering unfair trading practices. As a result, Binance, Bitget, and Gate started an investigation into RAVE trading and the cause of the massive pump. ZachXBT also announced his own whistleblower bounty of $25,000. 

The crypto sleuth previously contacted Rave DAO, pointing out the highly concentrated ownership of RAVE tokens. 

A summary of the RAVE -95% price fluctuation from $26 to $1 over the past 24 hours.

RAVE Timeline: April 18, 2026

7:26 am UTC: I posted a call to action for Binance, Bitget, & Gate to investigate RAVE market manipulation and offered a $10K bounty.

10:56 am UTC: I posted an… pic.twitter.com/mivKcdyBrw

— ZachXBT (@zachxbt) April 19, 2026

As exchanges reacted to ZachXBT’s call, the Rave DAO team moved in to disclaim any intentional price manipulation. The project still claimed it had long-term intentions and had just recently started recruiting influencers and growing its mindshare. 

The team has warned that it intends to liquidate some of the tokens based on its roadmap. ZachXBT noted some of the recent selling action was connected to team wallets, meaning the sellers made use of the over-inflated RAVE price. 

The selling did not stop even as RAVE lost over 90% of its value. ZachXBT intercepted more transactions coming from team wallets making Bitget deposits, as RAVE sank from $1 to $0.60. 

RAVE performed in a way similar to other token pumps, such as SIREN. According to ZachXBT, exchanges may need stronger protections against volatile assets, where market makers can create unrealistic price action.

What will happen to the Rave DAO project?

In the past, tokens have managed to perform multiple pumps similar to that of RAVE. However, the assets were rarely investigated in detail, and traders expected the eventual crash.

In the case of RAVE, the project increased its mindshare to 0.3%, a significant feat for the token. This also means the Rave DAO story will be taken as a cautionary tale. The token will now be traded with a much more cautious sentiment. 

The other option is that RAVE may still cause short squeezes. The potential for the team to sell more RAVE may lead to opening short positions again. RAVE remains risky, causing around $15.4M in liquidations in the past 24 hours. In total, $8.94M in long positions were liquidated from traders betting on a recovery, while another $6.51M in short positions were liquidated due to short-term volatility. 

If you're reading this, you’re already ahead. Stay there with our newsletter.

US intelligence agencies are actively deploying advanced artificial intelligence tools from Anthropic despite a formal Pentagon designation labeling the firm a “supply chain risk,” according to a new report highlighted by Axios.

At the center of the controversy is Anthropic’s Mythos Preview model, which sources say is currently in use at the National Security Agency (NSA). The development exposes a growing divide within the US government over how to balance rapid AI adoption with internal security restrictions.

The Pentagon blacklisted Anthropic earlier in February 2026 after a dispute over AI safeguards and military use, formally warning that its systems posed a potential supply-chain vulnerability. However, intelligence officials appear to be prioritizing Mythos’ capabilities, particularly in cybersecurity, over those concerns.

According to sources, the National Security Agency (NSA) has adopted Mythos, as have other units within the Department. So far, the specifics of the NSA’s use of Mythos are not publicly known, but elsewhere the model is largely being used to scan internal environments for security flaws. The model is considered one of the most advanced AI systems available, with strong “agentic” abilities that allow it to autonomously analyze and exploit complex systems.

Reports of NSA and DOD use come days after insiders said the White House was negotiating access to Anthropic’s Mythos model even as efforts to blacklist the company continued. More recently, CEO Dario Amodei also confirmed that the firm has been in contact with government officials and is open to collaboration. 

Some agencies argue that limiting access to such powerful AI could put the US at a strategic disadvantage, particularly against geopolitical rivals. However, experts warn that the same capabilities that make Mythos valuable for defense could also introduce new risks. Its ability to uncover vulnerabilities at scale could be weaponized if misused, raising concerns about escalation in cyber warfare.

White House officials met with Amodei to discuss Mythos use in government operations 

Only about 40 vetted organizations are permitted to use Mythos. Of the 40 groups, only 12 are publicly known, and the NSA is reportedly tucked away in the unlisted majority. In the U.K., agencies similar to the NSA also noted they have access to the model through their national AI Security Institute. 

Anthropic describes Mythos as remarkably powerful in cybersecurity, capable of spotting deeply embedded bugs and independently exploiting them. This combination of advanced detection and autonomous analysis has already raised both interest and concern among policymakers. 

On Friday, Amodei met with White House chief of staff Susie Wiles and Treasury Secretary Scott Bessent to discuss how the model can be safely integrated into government infrastructure. Despite the White House’s public friction with Anthropic, this meeting highlights that the model’s power is simply too valuable for federal security needs to pass up. 

Both sides characterized the talks as productive. The White House even shared, “We discussed opportunities for collaboration, as well as shared approaches and protocols to address the challenges associated with scaling this technology.” 

Anthropic filed a lawsuit to counter the supply chain risk designation

Anthropic fired back at the Pentagon in March, filing a lawsuit to overturn the supply chain risk designation that threatened its government contracts. This was the first time the “not secure enough” tag has been pinned on a domestic provider, effectively barring their tools from standard government use. 

Anthropic’s legal team has branded the “risk” designation a revenge tactic after Amodei denied the DoD’s request to integrate the AI into fully autonomous weapons systems and mass domestic surveillance.

As earlier reported by Cryptopolitan, a California district court judge sided with Anthropic and temporarily blocked the “supply chain risk” label. Still, a federal appeals court has since overturned that stay, keeping the designation in place for now. 

In the early days of the blacklist efforts, President Donald Trump had claimed that the radical leftists running the firm were trying to dictate terms to the Defense Department. He argued, “We don’t need it, we don’t want it, and will not do business with them again!”

At the moment, some in the DoD still believe Anthropic’s refusal to cooperate fully proves they would unplug their tech during a war, making them a flight risk in combat. However, other administration officials are eager to bury the hatchet just to get their hands on the company’s superior tech. 

Still letting the bank keep the best part? Watch our free video on being your own bank.

Iran moved back into full control of the Strait of Hormuz on Sunday while still considering closing of the negotiations open with the Trump administration.

Tehran denied it would join a new round of peace talks with the United States, according to state news agency IRNA, just hours after Donald Trump said Iranian negotiators would go to Pakistan on Monday for a second round.

IRNA did not name a source, but it laid out Tehran’s case. The outlet said Iran blamed Washington’s excessive demands, unrealistic expectations, constant changes in position, repeated contradictions, and the naval blockade it says broke the ceasefire.

IRNA wrote, “Under these conditions, the outlook for constructive talks remains bleak.” Tehran also made clear that it wants the U.S. blockade on Iranian ports lifted before any return to talks.

Iran backs out of talks as the U.S. seizes TOUSKA in the Gulf of Oman

The freeze in diplomacy came as Trump described a clash at sea. In a Truth Social post, he said an Iranian-flagged cargo ship called the TOUSKA tried to pass the American naval blockade in the Gulf of Oman.

Trump said the ship was nearly 900 feet long and weighed almost as much as an aircraft carrier. He said the guided missile destroyer USS Spruance intercepted it and warned it to stop. According to Trump, the crew refused, the Navy fired into the engine room, and U.S. Marines then took custody of the vessel.

Trump said the USS Spruance gave the ship fair warning, then blasted a hole in the engine room after the crew did not listen.

He also said the TOUSKA is under U.S. Treasury sanctions because of what he called a prior history of illegal activity, and that the United States now has full custody of the vessel and is inspecting what is on board.

That seizure came as Iran stepped away from the second round of talks. Tehran said the blockade of ships entering and leaving Iranian ports was one reason it would not attend.

Iranian President Masoud Pezeshkian also pushed back on Trump’s nuclear line, saying Trump has “no justification to deprive Iran of its nuclear rights.” That came only 48 hours after Trump said Iran had agreed to give up uranium enrichment and all “nuclear dust.”

Tehran rejected that too, saying that Trump’s “maximalism and unreasonable and unrealistic demands” caused the collapse in talks. Iranian officials also said they believed they were “facing deception” before a possible “surprise attack” from the United States, making clear that Tehran does not think Washington is negotiating in good faith.

Oil rises and U.S. gas stays high as war pressure hits energy markets

Meanwhile, West Texas Intermediate futures for May delivery surged by about 6% to $88.93 a barrel by press time. Brent crude for June delivery gained nearly 5.63% to $95.48.

Energy Secretary Chris Wright had said on Sunday that U.S. gas prices may not fall below $3 a gallon until next year as the war with Iran and the closure of the strait keep hitting energy markets. On CNN’s State of the Union, Chris said:

“I don’t know, that could happen later this year, that might not happen until next year, but prices have likely peaked. Certainly with a resolution of this conflict, energy prices will go down. Under $3 a gallon is pretty tremendous in inflation-adjusted terms. We had that in the Trump administration, but we hadn’t seen that in inflation-adjusted terms for quite a long time. We’ll get back there for sure.”

Regular unleaded in the United States averaged $2.90 a gallon on Feb. 1, according to GasBuddy. Since the war began on Feb. 28, the average has climbed to about $4.04 a gallon, according to AAA.

Your bank is using your money. You’re getting the scraps. Watch our free video on becoming your own bank

The cloud development platform Vercel’s security incident has prompted alarm in the crypto industry, following the company’s disclosure that attackers compromised parts of its internal systems through a third-party AI tool.

Because many crypto projects rely on Vercel to host their user interfaces, the breach highlights just how dependent Web3 teams are on centralized cloud infrastructure. That reliance creates an often overlooked attack surface—one that can sidestep traditional defenses like DNS monitoring and directly compromise frontend integrity.

Vercel said Sunday that the intrusion originated from a third-party AI tool linked to a Google Workspace OAuth app. That tool had been breached in a larger incident affecting hundreds of users from multiple organizations, the company said. Vercel confirmed a limited subset of customers was affected, and its services stayed operational.

The company has engaged external incident responders and alerted the police while also investigating how the data may have been accessed.

Access keys, source code, database records, and deployment credentials (NPM and GitHub tokens) were listed for the account. But these are not independently established claims.

As proof, one of those sample items included about 580 employee records with names, corporate email addresses, account status, and activity timestamps, along with a screenshot of an internal dashboard.

Attribution remains unclear. Individuals connected to the core ShinyHunters group denied involvement, according to reports. The seller also said it contacted Vercel, demanding a ransom, though the company has not revealed whether negotiations were conducted.

Third-party AI compromise exposes hidden infrastructure risk

Rather than attacking Vercel directly, attackers have leveraged OAuth access linked to Google Workspace. A supply-chain weakness of this nature is trickier to identify, as it depends on trusted integrations rather than obvious vulnerabilities.

Theo Browne, a developer known in the software community, said those consulted indicated Vercel’s internal Linear and GitHub integrations bore the brunt of the problems.

He observed that environment variables marked as sensitive in Vercel are safeguarded; other variables that were not flagged must be rotated to avoid the same fate.

Vercel followed up on this directive, urging customers to review their environment variables and utilize the platform’s sensitive variable feature. That kind of compromise is particularly worrying because environment variables often contain secrets such as API keys, private RPC endpoints, and deployment credentials.

If these values were compromised, attackers might be able to alter builds, inject malicious code, or gain access to connected services for broader exploitation.

Unlike typical breaches that target DNS records or domain registrars, the compromise at the hosting layer occurs at the build pipeline level. That allows attackers to compromise the actual frontend delivered to users rather than merely redirecting visitors.

Certain projects store sensitive configuration data in environment variables, including wallet-related services, analytics providers, and infrastructure endpoints. If those values were accessed, teams may have to assume that they were compromised and rotate them.

Frontend attacks have already been a recurring challenge in the crypto space. Recent incidents of domain hijacking have led to users being redirected to malicious clones designed to drain wallets. But those attacks usually come at the DNS or registrar level. These changes can often be detected quickly with monitoring tools.

A compromise at the hosting layer differs. Rather than directing users to a phony site, attackers modify the actual frontend. Users may encounter a legitimate domain serving malicious code, but will have no idea what is happening.

Investigation continues as crypto projects review exposure

How far the breach penetrated, or whether any customer deployments were changed, is unclear. Vercel said its investigation is ongoing and it will update stakeholders as more information becomes available. It also said affected customers are being contacted directly.

No major crypto projects have publicly confirmed receiving notification from Vercel as of publication time. But the incident is expected to prompt teams to audit their infrastructure, rotate credentials, and examine how they manage secrets.

The bigger lesson is that security in crypto frontends doesn’t end at DNS protection or smart contract audits. Dependencies on cloud platforms, CI/CD pipelines, and AI integrations further increase risk.

When one of those trusted services is compromised, attackers could exploit a channel that bypasses traditional defenses and directly affects users.

The Vercel hack, tied to a compromised AI tool, illustrates how supply-chain vulnerabilities in modern development stacks can have cascading effects throughout the crypto ecosystem.

If you're reading this, you’re already ahead. Stay there with our newsletter.

KelpDAO’s $300 million exploit now looks more like a Layer 2 failure than a direct break on the Ethereum mainnet, as fears of DeFi contagion from interactions across chains rise in the community.

Sources who have been granted anonymity reached out to Cryptopolitan and said they had “confidence that Core L1 ETH is not impacted” and that the issue “sits on L2s.”

The attack began after a wallet funded through Tornado Cash’s 1 ETH pool waited about ten hours, then called lzReceive on LayerZero’s EndpointV2 contract. That triggered KelpDAO’s bridge logic and released 116,500 rsETH to an attacker’s wallet.

The tokens were worth about $292 million and made up roughly 18% of rsETH’s circulating supply of around 630,000. Two more packets then targeted 40,000 rsETH each, or roughly another $100 million combined, but both reverted after KelpDAO’s emergency multisig executed pauseAll.

Source: ZachXBT/X

If both extra attempts had worked, the total loss would have reached about $391 million, according to the sources.

Attackers dump rsETH into Aave and rattle ZRO

The stolen rsETH was deposited into Aave V3 as collateral, then used to borrow large amounts of ETH and WETH, with funds routed back through Tornado Cash. That raised the risk of bad debt at Aave, with estimates putting the exposure at up to $177 million.

Aave then froze all rsETH markets on both V3 and V4 and said the flaw was in rsETH, not in its own contracts. SparkLend shut its rsETH market. Fluid froze activity. Upshift paused both High Growth ETH and Kelp Gain vaults. Exposure also ran through products tied to Pendle, Compound, Euler, Beefy, and Yearn.

The private briefings reviewed by Cryptopolitan point in a narrower direction than the market panic first suggested.

Our sources said L1 rsETH remains fully backed and that the relevant Aave market is “completely solvent.” One message said weETH is not affected, liquid vault management is operating as normal, and LiquidETH and LiquidUSD users will not face drawdowns because excess borrow costs from the Aave spike will be covered.

“Out of an abundance of caution, rsETH remains frozen across Aave V3 and V4 and exposure to the incident is capped. WETH reserves also remain frozen across affected markets including Ethereum, Arbitrum, Base, Mantle, and Linea. Aave is actively validating information and assessing potential resolutions.”

– Aave

Early investigations said the problem was enabled by a 1-of-1 DVN setup on the Kelp rsETH Unichain to Ethereum route, which allowed unbacked tokens to be released on Ethereum without a legitimate source-side burn.

Another source told us that another platform’s own LayerZero OFT bridges use a minimum 2/2 DVN setup, scale to 3 on busier routes, and include inbound and outbound rate limits. That platform still paused all LZ OFT bridges as a precaution, but also froze its Teller contract, the module handling deposits, withdrawals, and share minting.

Protocols halt withdrawals and wait for liquidity

According to the sources, “borrow rates on Aave have spiked and Ethereum exit queue has filled which makes delevering harder/more expensive.” Another said Kelp had not yet decided how losses would be covered or socialized and that the best case would be for losses to land only on the L2s where the exploit happened.

Deposits were frozen because delayed oracle reports could create unfair share minting. Withdrawals were described as “technically not paused,” but they could not be processed without more clarity from Kelp and Aave.

Mellow is now looking for windows to exit, but has not been able to do so because premiums to swap from stETH to ETH were too high and the Ethereum exit queue was clogged. Teams held back oracle updates because they did not know how to price rsETH after the losses.

One source said, “We just don’t know how to price rsETH.” Another said, “0 news so far,” when asked about progress from Kelp or Aave. In one worst case, losses were estimated at around 9,000 ETH. 

Another estimate put a possible 6.2% hit on top-level depositors if losses reached L1 and broader backstops were not used. Separate messages said incoming protocol liquidity may arrive by Tuesday or Wednesday to help process larger withdrawals.

EtherFi has told its users on X that:

“EtherFi Liquid vaults are unaffected by the recent Kelp rsETH incident. Liquid vault users will not experience any drawdowns.”

Meanwhile, as all this is happening, we also received knowledge that Vercel has been breached and that the attacker has listed their customers’ data, source code, databases, and keys up for sale.

Source: Vercel

Vercel has already announced publicly on Telegram that they “identified a security incident involving unauthorized access to their internal systems.”

If you want a calmer entry point into DeFi crypto without the usual hype, start with this free video.

Nearly every major company in America has rushed to put artificial intelligence agents to work over the past year, but the technology is delivering far less than promised while creating serious new problems inside organizations, according to new research and industry experts.

Almost all business leaders, 97 percent, say their companies put AI agents into operation during the past 12 months, with 52 percent of employees already using them. But fewer than three in ten are seeing any real financial benefit from the expensive technology. 

The gap between what companies spent and what they got back has left 54 percent of top executives saying the whole effort is tearing their organizations apart.

“The biggest problem that we’re working with in AI right now” comes from companies thinking every task needs to run through costly AI systems, said Kevin McGrath, who runs AI startup Meibel. He told a Silicon Valley conference this week that businesses “just give all of your tokens and all of your money to an AI Claw bot that will just waste millions and millions of tokens.”

The warnings came during two separate technology gatherings in California this week, where engineers and company leaders laid out the real problems behind the AI agent hype.

 A survey of 1,200 top executives and 1,200 employees conducted by WRITER found that 79 percent of companies face challenges adopting AI, a double-digit jump from 2025. This is happening even though 59 percent spend more than one million dollars each year on AI technology.

Two-Thirds of companies report security breaches

The security picture looks alarming. Two-thirds of executives believe their companies have already experienced data leaks or security breaches because workers used unapproved AI tools.

 More than one-third, 36 percent, have no formal plan for watching over their AI agents. Another 35 percent admitted they could not immediately shut down an AI agent if it went rogue. Thirty-five percent of employees have entered company secrets into public AI tools.

Deep Shah, a software engineer at Google, explained that “there are multiple challenges you will find when you try to deploy that system at scale.” He pointed to costs as the first major obstacle. Running AI agents requires constant spending, and poorly designed systems end up burning cash instead of saving it.

The problem goes beyond technical issues. Three-quarters of executives confessed their company’s AI strategy exists “more for show” than as actual guidance for employees.

Nearly half, 48 percent, called their AI adoption efforts a “massive disappointment.” Another 39 percent lack any formal plan to drive revenue from AI tools. The pressure has gotten so intense that 73 percent of chief executives report stress or anxiety about their company’s AI strategy, with 64 percent fearing they could lose their jobs if they fail to lead the transition.

Only 29 percent see real returns despite heavy use

Meanwhile, a separate analysis by Lyzr AI based on 200,000 user interactions, 3,000 demo requests, and 2,000 conversations with business and tech leaders found that 62 percent of companies exploring AI agents lack a clear starting point. Another 41 percent treat them as side projects. Thirty-two percent stall after pilot programs and never reach full operation.

Chris Han, who helps run ThinkingAI in China, said popular tools like OpenClaw cannot meet corporate needs. Business users need to figure out memory management, agent teams, and communications, tasks that the current tools handle poorly.

Only 29 percent of organizations report significant returns from generative AI, and just 23 percent from AI agents, even though 70 percent of employees and 94 percent of top leaders use AI tools for at least 30 minutes every day. Sixty-four percent of executives spend two hours or more with the technology daily.

If you're reading this, you’re already ahead. Stay there with our newsletter.

Nvidia has released new gaming processors every single year since the 1990s. That streak ends now. 2026 marks the first year without a fresh GeForce lineup since the company’s founding.

“The gaming segment is no longer the driving force of the company. There was one point when it clearly was,” said Stacy Rasgon of Bernstein Research as reported by CNBC.

The opening looked perfect for competitors. Nvidia made its name selling graphics processing units that let video games run faster and look better. When the company launched its first GPU in 1999, the GeForce 256, it nearly went bankrupt making it happen. 

Gamers saved the company by snapping up the new technology. Now those early supporters feel abandoned as Nvidia chases bigger profits elsewhere.

The company’s computer and networking division, which makes AI chips, averaged a 69% profit margin over three years. The graphics segment aimed at gamers only managed 40%. A single Blackwell AI chip costs up to $40,000, while gaming cards sell for $299 to $1,999.

AMD and Intel can’t take the advantage

This should have opened the door for rivals AMD and Intel to win over frustrated gamers. Instead, both face the exact same problem strangling Nvidia’s gaming business: a severe shortage of computer memory chips.

AMD’s Radeon RX 9000 series saw price increases between 10% and 17% across all models. The flagship Radeon RX 9070 XT jumped 17%, while the Radeon RX 9060 XT 8GB rose a more modest 10%. The Radeon RX 9060 XT 16GB landed at 14% because it carries twice the memory.

David McAfee, who oversees AMD’s Radeon division, told Gizmodo during CES 2026 the company works closely with memory suppliers to keep prices reasonable for everyday buyers. But he admitted sustaining these efforts remains unrealistic amid the ongoing shortage.

Intel faces even worse setbacks. The company planned to launch an Arc B770 gaming card built on its BMG-31 chip with 32 Xe Cores and 16GB of memory. Reports pointed to a potential first quarter 2026 release. That launch is now cancelled.

Instead, Intel will release the Arc Pro B70 workstation card with 32GB of memory, aimed at AI work rather than gaming.  Intel scrapped the gaming version due to a “lack of financial viability.” With memory shortages and massive price hikes, it no longer makes sense to release an affordable card.

Memory shortage cripples entire industry

Behind all this sits a brutal reality: computer memory is scarce and getting worse. Nvidia plans to cut gaming GPU production by up to 40% because it cannot get enough memory chips. As reported by Cryptopolitan Micron has warned of near-permanent memory shortage affecting the industry.

Research firm Gartner predicts the shortage will push computer prices up 17% this year, causing PC shipments to drop 10.4%. The firm expects entry-level consumer PCs to disappear entirely by 2028.

“If there is push-outs or delays on the gaming roadmap, it’s probably in large part that they probably can’t make the cards anyways because it’s hard to get the memory,” Rasgon explained. “Every bit of memory that’s out there, I think is really getting prioritized to AI compute.”

Making high-performance AI processors requires High Bandwidth Memory, which takes about four times as many silicon wafers to produce compared to regular memory chips. This is why memory problem hits all chipmakers equally.

“That dynamic is starving the overall industry of the type of memory that is traditionally used for more consumer type applications. It’s just not available,” Rasgon said.

“If Nvidia can’t get the memory, AMD ain’t going to get the memory,” he added.

Gamers hoped competition would save them when Nvidia shifted focus. Tim Gettys, who co-hosts the Kinda Funny Games podcast, said AMD and Intel could have filled the gap.

“If they’re making three times the money and the stockholders are three times happier, then yeah, I do think that they will abandon gaming despite it being what got them there,” Gettys said. “There’s a clear favorite,” Gettys noted. “If you’re playing on PC, you’re going to want an Nvidia card.”

If you're reading this, you’re already ahead. Stay there with our newsletter.