သတင်း

Aster (ASTER) is set to unlock approximately 164.67 million tokens on May 17 at 0:00 UTC+8. According to ChainCatcher, this unlock is valued at around $116 million. The event is part of the token's planned release schedule, impacting its circulating supply.

Tokenized stock spot trading volume reached $15.12 billion in the first quarter of 2026, according to CoinGecko data. This figure surpasses the $14.84 billion recorded in the second half of 2025. According to NS3.AI, the broader tokenized real-world asset (RWA) market experienced a significant increase of 256.7% over 15 months, reaching $19.32 billion by the end of the first quarter of 2026.

According to Odaily, FOX journalist Charles Gasparino has revealed that the U.S. Commodity Futures Trading Commission (CFTC) and the U.S. Securities and Exchange Commission (SEC) are enhancing their collaboration on the regulatory boundaries of prediction markets. The agencies have maintained a unified stance in recent investigations into unusual trading related to the Iran conflict.

Gasparino noted that while prediction markets are generally perceived to be under the CFTC's jurisdiction, the SEC becomes significantly involved when prediction contracts could legally be classified as "securities." He also mentioned that beyond the currently public cases, regulatory bodies may initiate more enforcement actions concerning prediction markets in the future.

According to Odaily, CZ stated on the latest episode of the Crypto Banter podcast that during his clemency request process, he faced strong opposition and lobbying from some of his competitors among US centralized cryptocurrency exchanges.
CZ said, "The other crypto exchanges in the US don't want me to get a pardon," and claimed these competitors exerted pressure through lobbying during the relevant US procedures.

According to Cointelegraph, Strategy CEO Phong Le said the company will sell Bitcoin only under specific conditions: to fund the 11.5% dividend on its Series A Perpetual Stretch Preferred Stock (STRC) and to defer or offset taxes — and only when such sales are accretive to shareholders by increasing BTC per share. Le dismissed concerns over market impact, noting that Bitcoin's roughly $60 billion in daily trading volume can absorb the more than $1 billion in annual dividends Strategy owes. The comments follow remarks by co-founder Michael Saylor, who said during a Tuesday earnings call that the firm may sell BTC periodically to fund dividends, potentially without issuing new equity. Strategy holds 818,334 BTC, valued at over $66 billion.

Malaysian Prime Minister Anwar Ibrahim is set to reveal a strategy aimed at stabilizing the nation's oil supply in response to ongoing uncertainties linked to the conflict in Iran. Bloomberg posted on X, highlighting the significance of this move as Malaysia seeks to mitigate potential disruptions in its energy sector. The plan comes amid heightened tensions in the Middle East, which have raised concerns over global oil markets and supply chains. Details of the strategy are expected to address both immediate and long-term challenges faced by Malaysia in securing its energy needs.

Several protocols with a total value locked (TVL) of approximately $2 billion have announced their migration to Chainlink CCIP, according to ChainCatcher. This includes KelpDAO with $1.5 billion, SolvProtocol with $600 million, and re with $200 million.

Currently, major assets still utilizing the LayerZero OFT standard include USDe/sUSDe from Ethena, weETH from Etherfi, USDT0 from Tether, thBILL from Theo, and WBTC from Bitgo. The specific migration progress will depend on announcements from the respective projects.

LayerZero recently issued an apology for poor communication regarding a security incident over the past three weeks. The company acknowledged that its internal RPC was attacked by the Lazarus Group and admitted to mistakenly allowing LayerZero Labs DVN to act as a 1/1 verification node for high-value transactions, which posed a single-point risk.

This week, geopolitical tensions slightly eased following the announcement of a three-day ceasefire in the Russia-Ukraine conflict, despite earlier retaliatory strikes stemming from U.S.-Iran tensions. According to PANews, the U.S. Dollar Index experienced volatility throughout the week, closing at 97.84 on Friday, marking its second consecutive weekly decline. Gold prices rose by 2.17%, closing at $4,715.49 per ounce on Friday. Global commodities and currency markets saw significant fluctuations during the week. In the international oil market, geopolitical risk premiums notably collapsed. Brent crude oil prices fell below $95 due to heightened expectations of a U.S.-Iran ceasefire, while WTI crude oil also dropped, reaching the $90 mark.

Wasabi Protocol has released an update regarding a security incident involving a vulnerability in its AWS infrastructure. According to ChainCatcher, attackers exploited a configuration flaw in the Spring Boot Actuator, allowing them to steal private keys controlling EVM smart contracts. This breach resulted in the theft of approximately $4.8 million in user funds and $900,000 from the protocol's treasury.

The attack began with a public server used for analysis, where the Actuator heap dump was not adequately password-protected. This oversight enabled attackers to obtain credentials for another server, ultimately gaining control over the smart contract private keys. The incident affected EVM deployments, including those on Ethereum, Base, Blast, and Berachain, while Solana deployments and Prop AMM remained unaffected.

Wasabi Protocol has not yet finalized a compensation plan for affected users but emphasized that compensating all impacted users is a top priority. The team plans to provide updates on the investigation's progress through their Discord community.

Polymarket has announced recent updates to its platform, including measures to mitigate latency spam to ensure smooth order placement and cancellation. According to Odaily, the platform has also resolved issues related to 'insufficient balance/authorization' errors. A core issue affecting limit buy orders is expected to be fixed in the coming days.

Additionally, Polymarket has identified and banned several clusters of 'ghost-fill' accounts. These accounts were created before the deposit wallet system was launched. Any account exhibiting 'ghost-fill' behavior will be identified and banned, and the deposit wallet system will prevent these accounts from creating new ones in bulk. More updates are expected in the coming week to address remaining issues.

The ETF Store President Nate Geraci recently commented on the X platform regarding a speech by U.S. SEC Commissioner Hester Peirce. According to Odaily, Peirce mentioned that regulatory bodies are working to strike a balance between regulation and innovation.

Geraci speculated that this statement might be related to prediction market ETFs, suggesting that such ETF products could be launched soon.

zkSync is set to unlock approximately 17.314 million tokens on May 17 at 0:00 UTC+8. According to ChainCatcher, this token release is valued at around $3.23 million. The data comes from Web3 asset data platform RootData.

Spark Protocol (SPK) is set to unlock approximately 278.91 million tokens on May 17 at 0:00 UTC+8. According to ChainCatcher, this token release is valued at around $10.83 million. The unlocking of such a substantial number of tokens could have implications for the market dynamics of Spark Protocol.

Editor’s Note: As DeFi hacks accelerate in the age of AI, this article by sysls examines how protocols can rethink security through layered defenses, operational discipline, and survival-focused design. Binance News publishes this article with the author’s approval.
Disclaimer: This article includes third-party opinions and does not constitute financial advice. The content does not represent Binance's position.
Introduction
Building @openforage and reading the myriad hacks of DeFi protocols have put the fear of "state actors" in me. They are sophisticated, well-resourced, and play the extreme long game; super-villains singularly focused on combing every crevice of your protocol and infrastructure for exploits, while your average protocol team has their attention split six ways running the business.
I don't pretend to be a security expert, but having led teams in high-stakes environments (both in the military and in high finance with large sums of money), I am a seasoned operator in thinking about and planning for contingencies.
I truly believe only the paranoid survive. No team ever sets out thinking "I am going to be careless and lackluster about my approach to security"; and yet hacks happen. We need to do better.
AI Means This Time It's Different

 
Hacks are not uncommon, but the frequency has clearly increased. Q1 of 2026 is the highest ever recorded number of DeFi hacks, and while Q2 has JUST begun, it is already on track to break the previous quarter's results.
My central hypothesis is that AI has drastically reduced the cost of combing for exploits, and greatly increased the attack surface. A human takes many weeks to comb through the protocol settings of a hundred protocols for misconfigurations; the latest foundation models do it in a few hours.
This should drastically change the equation of thinking about and reacting to hacks. Older protocols, used to security measures from before AI got competent, are increasingly at risk of being smoked.
Thinking In Surfaces & Layers




The surface area of hacks reduces to, in practice just three: Protocol Team, Smart Contracts & Infrastructure, User Trust Boundaries (DSN, Social Media, etc).
Once you've identified the surfaces, layer in defenses:
• Prevention: Processes that, if followed, minimize the probability of being exploited.
• Mitigation: Prevention has failed. Limit the damage.
• Halt: Nobody makes their best decisions under pressure. Master kill switch the moment you confirm an attack. Freezing prevents further damage and buys space to think and...
• Retake: If you've lost control of toxic or compromised components, jettison and replace them.
• Recovery: Seize back what you've lost. Plan ahead for contacting institutional partners that can freeze funds, undo transactions, and aid investigation.
Principles
These principles guide the actions we can take to implement the layers of defences.
Use Frontier AI Liberally
Use frontier-model AI liberally to scan your codebase and configs for vulnerabilities, and to red-team across a large surface area: try to find vulnerabilities in your frontend; see if they reach your backend. Attackers are going to do this. What your defensive scan can find, their offensive scan would have found.
Use skills like pashov, nemesis and AI platforms like Cantina (Apex) and Zellic (V12) to quickly scan your codebase before committing to full audits.
Time And Friction Are Good Defenses
Layer in multi-step processes with timelocks for anything potentially damaging. You want plenty of time to step in and freeze once you smell something.
The old argument against timelocks and multi-step setters was the friction they create for protocol teams. You have much less to worry about now: AI can easily click through these frictions in the background.
Invariants
Smart contracts can be built defensively by writing down the immutable 'facts' that, IF broken, break the entire logic of your protocol.
The crown invariant of @openforage centers on solvency (if total asset backing falls below total claims, the protocol collapses):
VaultAssets + DeployedAssets >= OutstandingClaims
You typically have a handful of invariants. Promote them to code sparingly; enforcing multiple per function gets unwieldy.
Balance Of Powers
Many hacks come from compromised wallets. You want configurations where even if a multisig is compromised, you can arrest damage quickly and bring the protocol to a state where governance can make decisions.
This requires a balance between GOVERNANCE, which decides everything, and RESCUE, the abilities to restore governable stability (without being able to replace or overthrow governance itself).
Something Is Going To Go Wrong
Start with the assumption that however smart you are, you will get hacked. Your smart contracts or dependencies might fail. You might get social engineered. A new upgrade might introduce a vulnerability you weren't prepared for.
Once you think this way, rate limits that throttle damage and circuit breakers that lock down the protocol become your best friends. Limit damage to 5-10%, freeze, then game out your response. Nobody makes their best decisions with bullets in the air.
The Best Time To Plan Is Now
The best time to think about your response is before you get hacked. Codify as much of the process as possible and rehearse with your team so you are not scrambling at impact. In the age of AI, that means having skills and algorithms that surface as much information as possible, as fast as possible, sharable in both summary and long form to your inner circle.
The Name Of The Game Is Survival
You don't need to be perfect, but you sure as hell need to survive. No system is impenetrable from day 1; through multiple iterations, you become anti-fragile by incorporating lessons.
The lack of evidence of being hacked is not evidence that you are not susceptible. The point of maximum comfort is going to be the point of maximum danger.
Preventions
Smart Contract Design
Once you've identified the invariants, promote them into runtime checks. Think carefully about what invariants are actually practical to enforce.
This is the FREI-PI (Function Requirements, Effects, Interactions, Protocol Invariants) pattern: at the end of every function that touches value, re-verify the crown invariants the function promised to preserve. Many drains (flash-loan sandwiches, oracle-assisted liquidation griefs, cross-function solvency drains) that pass CEI (Checks-Effects-Interactions) get caught by an end-of-function invariant check.
Good Testing
Stateful fuzzing builds random sequences of calls against the protocol's full public surface, asserting invariants at each step. Most production exploits are multi-transaction, and stateful fuzzing is just about the only reliable way of finding those paths before the attackers do.
Use invariant tests that assert a property holds for ANY call sequence the fuzzer can generate. Complement with formal verification, which proves a property across all reachable states. Your crown invariants absolutely should get this treatment.
Oracles And Dependencies
Complexity is the enemy of security. Every external dependency extends the attack surface. If you're designing primitives, push the choice of who and what to trust to users. If you can't remove dependencies, diversify them so no single point of failure craters your protocol.
Extend your audits to model the ways your oracles and dependencies can fail, and apply rate-limits to how much catastrophe can be done IF they do.
The latest KelpDAO exploit illustrates: they inherited the LayerZero default of requiredDVNCount=1, and that config lived outside their audits. What eventually got compromised was off-chain infrastructure outside the scope of audits they had commissioned.
Attack Surfaces
Most attack surfaces in DeFi are already enumerated. Walk down every category, ask if it applies to your protocol, and implement the control that addresses the attack vector. Build red-team skills that force your AI agents to look for exploits in your protocol; this is table-stakes at this juncture.
Having Native Rescue Abilities
In voting-based governance, power starts concentrated in the team's multisig and takes time to diffuse. Even with broad token distribution, delegation tends to funnel authority into a small set of wallets (sometimes n=1). When those get compromised, it's game over.
Deploy "guardian wallets" with a strictly narrow mandate: they can ONLY PAUSE the protocol, and at a >=4/7 threshold can rotate compromised delegations to PRE-DEFINED replacement wallets in EXTREME situations. Guardians never enact governance proposals.
This way, you have a rescue tier that can always restore governable stability without power to overthrow governance. The checkmate scenario, losing >=4/7 guardians, has minuscule probability given holder diversity, and the whole layer can be phased out once governance is mature and diversified.
Wallet And Key Topology
Multisig wallets are table stakes, minimum 4/7. No single human controls all 7 keys. Rotate signers liberally, and quietly.
A key should never interact with a device used for day-to-day tasks. If you browse the internet, use email, or have Slack on your signing device, take it as given that signer is already compromised.
Have multiple multisigs, each with a distinct purpose. ASSUME at least one entire multisig will be compromised, and plan from there. No single person should have enough control to compromise the protocol, even under extreme scenarios (kidnapping, torture, etc.).
Think About Bounties
I really enjoyed Nascent's article on bounties. If you have resources, it is well-worth placing a large bounty on exploits relative to protocol TVL, but even if you are a fairly small protocol, the bounty on exploits should still be as generous as possible (e.g. 7-8 figs min).
If you're dealing with state-sponsored attacks they are not interested in negotiating, but you can still engage in "White Hate Safe Harbor" programs that authorizes white-hats to act on your behalf in securing the fund for a % fee of the exploit (effectively a bounty paid by depositors).
Find Good Auditors
I wrote earlier that as LLMs get smarter, the marginal value of engaging an auditor decreases. I still stand by that, but my views have shifted.
First, good auditors stay ahead of the curve. If you're doing something novel, your code and its exploit may not be in training data, and throwing more tokens has not yet proven effective at finding novel solutions. You don't want to be sample point one for a unique exploit.
Second, and underappreciated: engaging auditors stake their reputation on the line. If they sign off and you get exploited, they're highly incentivized to help. A relationship with people whose literal job is security is a boon.
Practice Operational Security
Treat operational security as a success metric. Play out phishing drills; pay a (trusted) red team to try and social-engineer the team. Have spare hardware wallets and devices lying around to replace entire multisigs. You don't want to scramble to buy these on D-day.
Mitigation
Your Exit Path Is Your Loss Ceiling
The capped size of any path that moves value out of your protocol is the maximum theoretical loss from a bug abusing that path. Plainly: a mint function without a per-block cap is a blank check to any infinite-mint bug. A redemption function without a weekly cap is a blank check to any asset-balance corruption.
Think judiciously about explicit numbers on the size of your exit paths. That number balances the maximum damage you're willing to lose against the most extreme UX requirements of your users. IF something falls through, this is what saves you from complete destruction.
Allowlists (And Denylists)
Most protocols have lists of what can be called, traded, or received from, and lists of what users really DO NOT do. Even when implicit, these are trust boundaries that SHOULD be formalized.
Formalizing them lets you set 2-stage setters that create meaningful friction. An attacker would first need to add to the allowlist (and/or remove from the denylist) and THEN act. Having both means an attacker sneaking in a new vector has to defeat both processes: the market must be allowed (integration/listing), AND the action must not be forbidden (security review).
Retake
Algorithmic Monitoring
A kill-switch is useless if nobody is watching. Off-chain monitors should watch the crown invariants continuously and escalate algorithmically once something is wrong. The path should end at the humans of the guardian multisigs with enough context to make the call in minutes.
Stop To Recalibrate
If you get shot, you stop the bleeding, not make decisions while your life counts down. With protocols, that's a kill switch (reflect it on the UI too): a single button halting every value-moving path in one transaction. Prepare a "pause everything" helper script that enumerates the pausable set and halts them atomically.
Governance is the only way to unpause, so the kill switch must not halt governance itself. If the guardian tier can pause the governance contract, a compromised guardian tier can deadlock recovery permanently.
Launch Your War Room
Freeze, stop the bleeding, then put everyone you trust (small circle, pre-agreed) into a communication channel. You want the surface small to keep information from leaking to attackers, the public, or bad-faith arbitrageurs.
Role-play the roles your team needs: a shot-caller making decisions; an operator well-rehearsed at executing defensive scripts and halts (the shot-caller seconds); someone reconstructing the exploit and identifying root cause; someone on comms with key parties; someone scribing observations, events, and decisions over time.
When everyone knows their role and has rehearsed, you react by process rather than scramble at the worst possible time.
Think About Knock-On Effects
Assume your attackers are sophisticated. The first vulnerability may be a distraction, or a seed for more. The exploit may be bait to make you do the exact wrong thing that triggers the true exploit.
Halts must be well-studied, fully contained, and not exploitable themselves. A halt should be a full protocol freeze: you don't want to be baited into halting one component in a way that opens another. Once you have root cause and attack vector, explore adjacent exposed surfaces and knock-on effects, and patch them all at once.
Rotate Pre-committed Successors
Rotation is only safe if the replacement is known in advance. I like the idea of a pre-committed successor registry: it makes it much harder for an attacker to swap a healthy guardian/governance wallet for a compromised one. This is in line with the "Allowlists/Denylists" philosophy in mitigation.
For every important role, register a successor address. The only rotation primitive the emergency tier can execute is "replace role X with its successor". This also lets you evaluate successors during peace time: take your time, do diligence, fly over and meet the person making the request.
Test Judiciously Before Upgrading
Once you've identified the root cause and splash zone, you'll need to ship an upgrade. This is probably the most dangerous code you will ever deploy: written under pressure, against an attacker who has already proven they understand your protocol enough to find bugs.
Delay shipping without extensive testing. If you have no time for an audit, lean on white-hat relationships, or put up a 48-hour contest before deployment to get a fresh adversarial read before it goes live.
Recovery
Move Fast
Stolen funds have a half-life; once the exploit lands, they move rapidly down the laundering pipeline. Have a chain-analytics provider like Chainalysis on standby to label the attacker's address cluster across chains, so they can be flagged with exchanges in real time and tracked as they hop.
Reach out to SEAL911 immediately!
Pre-make a list of centralized exchange compliance desks, contract bridges, custodian admins, and other third parties with admin levers to freeze cross-chain messages or specific deposits in flight.
Negotiate
Yes, it stings, but you should still attempt to talk to the attacker. Most things in life can be talked down. Offer a time-bound white-hat bounty paired with a public statement committing to no legal action if funds are returned in full by a deadline.
If you're dealing with a state actor you're probably out of luck, but you might be dealing with less sophisticated actors who just found a way to exploit you AND want to get away with it cheaply.
Before you do this, have legal counsel in the room.
Conclusion
The hacks won't stop, and as AI gets smarter there will be more of them. It's not enough for defenders to "get sharper." We need to use the same tools attackers use, red-team our protocols, monitor continuously, and put hard limits on damage so we survive the worst.
Special thanks to the team from @nascent for their thought provoking and forward looking articles on protocol security, and @delitzer for his brilliant feedback on the article and OpenForage. Likewise, thanks to @sohkai and @dbarabander for thoughtful feedback on article structure and clarity.

Rwanda's lower house of parliament has approved a bill on May 5 aimed at regulating virtual asset transactions, protecting investors, and maintaining financial system stability. According to Foresight News, the legislation stipulates that individuals operating virtual asset businesses without authorization could face imprisonment of three to five years and fines ranging from 30 million to 50 million Rwandan francs. Companies could be fined up to 100 million Rwandan francs. The Capital Markets Authority will serve as the primary regulatory body, working in coordination with the National Bank of Rwanda for enforcement. The bill awaits the president's signature and will take effect once published in the official gazette. Detailed implementation guidelines will be developed after the law comes into force.

SEC Commissioner Hester Peirce expressed concerns over certain speculative phenomena in the current market, likening some financial products to lotteries that spark hopes of short-term wealth but may fade as investor interest wanes. According to ChainCatcher, Peirce anticipates that the underlying legal, technical, and market infrastructure of these products could be repurposed for more sustainable investment and risk management solutions in the future. Alex Thorn, Head of Research at Galaxy Digital, shared Peirce's views, while Nate Geraci, President of The ETF Store, praised the SEC's balance between regulation and innovation. Geraci speculated that the controversial products Peirce referred to might be 'prediction market ETFs,' which he expects will soon be approved for listing.

BitGo CEO Mike Belshe has contested warnings that quantum computing could compromise Bitcoin wallet security by 2030. According to NS3.AI, Project Eleven emphasized that the more significant challenge lies in coordinating the transition to post-quantum cryptography among users, exchanges, custodians, and miners.

A notable transaction has occurred in the Polymarket prediction event for the UFC 328 flyweight championship between Tatsuro Taira and Joshua Van. According to Odaily, an account with losses exceeding $1.96 million has invested $156,000 on Tatsuro Taira to win, with an opening price of 60¢.

Tatsuro Taira holds a professional record of 18 wins and 1 loss, having earned the challenge opportunity after a second-round knockout of Brandon Moreno in December 2025. Current champion Joshua Van boasts a record of 16 wins and 2 losses, known for his frequent striking and takedown defense. The match was initially scheduled for UFC 327 but was postponed by a month due to Van's injury.

Bank of America (BAC) has revised its forecast, now predicting that the U.S. Federal Reserve will delay interest rate cuts until the second half of 2027 due to persistent inflation and strong employment growth. According to PANews, BAC's global research team had previously anticipated rate cuts in September and October this year, partly based on the expectation that U.S. President Donald Trump would nominate Kevin Warsh to replace Jerome Powell as Fed Chair, with Warsh expected to lead a shift towards looser monetary policy. However, changing economic conditions have altered this outlook. BAC economists stated in a report to clients on Friday, May 8, that they no longer expect the Fed to cut rates this year.

LienFi, an RWA protocol, has announced the minting of the first tokenized U.S. real estate tax lien on the Base network. According to Foresight News, this development marks a significant step in the tokenization of real-world assets, offering new opportunities for investors in the digital asset space.

Michael Saylor emphasized Bitcoin's ability to facilitate capital movement without dependence on individual banks or nations during a May 1 interview. According to NS3.AI, he described Bitcoin as a 'viral bank' maintained collectively in cyberspace, allowing users to swiftly transfer assets in times of crisis.

DeepBook has announced that operations have resumed following a temporary suspension due to insufficient collateral in the USDC margin pool, resulting in a loss of $239,700. According to Foresight News, the incident occurred around 11:18 on May 9. The DeepBook insurance fund has replenished the affected margin pool with the lost funds. Deposit and withdrawal functions are now operating normally.

WorldCoin has transferred 30 million WLD tokens to a custody wallet, according to BlockBeats On-chain Detection. The transaction, valued at $8.17 million, was sent to a Bitgo Custody address on May 10. The wallet now holds a total of 153.65 million WLD tokens.

Recent data from CryptoQuant indicates that the Bitcoin premium in the South Korean market has climbed back to approximately 2%, marking a new high since the onset of the U.S.-Iran conflict. According to Odaily, the 'kimchi premium' in South Korea is primarily driven by local demand, with the country's crypto market remaining relatively independent from global markets due to capital controls and residency-based KYC requirements.

Throughout 2025, Bitcoin prices in South Korea were generally higher than the global volume-weighted average price (VWAP). In October 2024, after Bitcoin surpassed its historical high of $126,000, the premium in South Korea briefly reached 8.27%. However, following the outbreak of conflict in the Middle East in 2026, market volatility in South Korea increased significantly, with a discount of approximately 2.27% observed in early March, followed by continued market fluctuations.

Iranian officials have stated that Iran will firmly respond to recent U.S. actions in the Hormuz Strait. According to Odaily, Iran intends to continue exercising its right to self-defense and remains vigilant against any further hostile actions by U.S. forces.

Israeli forces conducted airstrikes in southern Lebanon, resulting in at least 15 fatalities, including a child, and multiple injuries, according to Odaily. The Lebanese National News Agency and the Ministry of Health reported the attacks on October 9. In response, Hezbollah launched rockets at Israeli military vehicles and troop gatherings along the Lebanon-Israel border, citing violations of the ceasefire agreement.

North Korean hacker group Lazarus has adopted new methods in their malicious activities targeting developers, according to ChainCatcher. Research by OpenSourceMalware reveals that the group is hiding second-stage loaders in Git Hooks' pre-commit scripts during operations like 'Infectious Interview' and 'TaskJacker.' These attacks involve impersonating recruitment processes in the cryptocurrency and DeFi sectors to trick developers into cloning malicious code repositories, ultimately stealing crypto assets and credentials.

Researchers advise developers who are asked to clone code repositories as part of an interview process to be cautious of such risks. It is recommended to run these processes in isolated environments to avoid exposing personal browser configurations, SSH keys, and crypto wallets.

On May 10, USDC Treasury minted 250 million USDC on the Solana blockchain. According to BlockBeats On-chain Detection, this transaction was recorded six hours prior. Whale Alert, a platform that monitors large-scale cryptocurrency transactions, reported the minting activity, highlighting the ongoing developments in the digital currency space.

In the Polymarket prediction event for the NBA Western Conference Semifinals Game 3 between the Thunder and the Lakers, an account with losses exceeding $1.5 million (address: 0x492442eab586f242b53bda933fd5de859c8a3782) invested $130,000 on the Thunder to win with an 8.5-point spread against the Lakers, with an average opening price of 53¢, resulting in a floating profit of $1,200. The same account also invested $130,000 on the Thunder to win with a 9.5-point spread, at an average opening price of 49¢, yielding a floating profit of $1,300.

According to Odaily, the NBA Western Conference Semifinals Game 3 between the Thunder and the Lakers is scheduled to start at 8:30 AM (UTC+8) today. The Thunder currently lead the series 2-0. The Lakers' starting lineup includes LeBron James, Rui Hachimura, Deandre Ayton, Austin Reaves, and Marcus Smart, while the Thunder's starters are Luguentz Dort, Chet Holmgren, Isaiah Hartenstein, Donovan Mitchell, and Shai Gilgeous-Alexander.

The U.S. April Consumer Price Index (CPI) is anticipated to increase by 0.6% month-on-month, continuing the strong upward trend observed since March. According to Jin10, gasoline prices have surged over 50% since the escalation of Middle East tensions at the end of February, with the average price exceeding $4.50 per gallon, consequently driving up the costs of goods and services such as airfare. The core CPI, which excludes food and energy, is also expected to see a slight acceleration.

A survey by the University of Michigan indicates that consumer confidence has plummeted to a historic low, with household financial conditions and purchasing power under continuous pressure. Market research suggests that persistent inflation and only a slight slowdown in retail data reduce the urgency for the Federal Reserve to cut interest rates in the short term. If the core CPI remains robust in April, it may prompt the Fed to maintain its hawkish stance for a longer period.

Additionally, the Producer Price Index (PPI) for April, set to be released on Wednesday, is expected to rise by 0.5% month-on-month. Thursday's retail data will reveal the impact of high oil prices on consumer spending.

Bank of England Governor Andrew Bailey has expressed concerns that a stablecoin regime led by the United States might conflict with international standards and pose a risk of financial instability for the United Kingdom during a crisis. According to NS3.AI, Bailey highlighted that certain dollar-denominated stablecoins may face challenges in being converted directly into dollars without the involvement of a crypto exchange. This cautionary statement comes as the U.K. is in the process of developing its own regulatory framework for systemic stablecoins, which includes a requirement for maintaining at least 40% of reserves at the Bank of England.

Seven major Bitcoin mining pools have joined forces to form the Stratum V2 working group, aiming to establish an open standard for communication between pools and individual miners. According to NS3.AI, this initiative seeks to enhance efficiency and security in the mining process. Hashrate Index data reveals that Foundry currently controls nearly 30% of the global mining pool hashrate, while AntPool holds approximately 17.7%. CoinWarz projects that the upcoming Bitcoin difficulty adjustment in May will increase the difficulty from 132.47 T to 135.64 T. CoinShares reports that up to 20% of Bitcoin miners are operating at a loss under the prevailing market and economic conditions.

According to Cointelegraph, Iran's largest cryptocurrency exchange Nobitex — serving roughly 11 million users and recording approximately $5 billion in observed volume between 2025 and March 2026 per TRM Labs — has yet to receive an individual OFAC SDN designation despite extensive documented ties to sanctioned entities. Elliptic reported in January 2026 that Iran's central bank conducted at least $507 million in USDT purchases through a UAE broker, with funds directed primarily to Nobitex, effectively performing foreign exchange interventions outside the international banking system. The exchange's founders are linked to a prominent Iranian political and clerical family, and an early investor held ties to a company sanctioned for supplying Iranian drones to Russia. Source code leaked in June 2025 revealed built-in modules for stealth addresses, transaction batching, and compliance bypass. Analysts suggest OFAC's restraint may stem from the near-impossibility of separating state flows from the savings of millions of ordinary Iranian users — a structural problem the SDN mechanism, in its current form, has not resolved.

According to Cointelegraph, Consensys senior counsel Bill Hughes argued that passing the Digital Asset Market Clarity Act of 2025 (CLARITY) is essential to reshoring the crypto industry in the United States, warning that the Senate has only weeks to act before the August recess and the midterm election calendar effectively closes the legislative window. Hughes noted that while the US dollar accounts for over $2.4 trillion in crypto on-ramp volume between July 2024 and June 2025, the overwhelming share of trading activity occurs on foreign exchanges. Failure to pass the bill could push the next legislative opportunity to 2030, Hughes warned.

Chainlink (LINK) has climbed 15.27% over the past week, reaching an intraday peak of $10.6, its highest price in over three months. At press time, LINK traded at $10.48, up 6.38% in the last 24 hours, according to BeInCrypto. The rally is attributed to shrinking exchange reserves and increased social media chatter. Santiment reports that approximately 13.5 million LINK, or 10.5% of exchange-held coins, have been withdrawn in the past five weeks, indicating accumulation. Whale wallets have also increased their holdings by 23 million LINK, further supporting the trend.

Blockchain security firm CertiK forecasts that 2026 will end with 130 crypto wrench attacks, resulting in hundreds of millions in losses. According to BeInCrypto, the firm noted a 41% increase in such attacks in early 2026, with 34 verified incidents from January to April, causing estimated losses of $101 million. Europe saw a significant rise, accounting for 28 of the attacks, with France alone reporting 24 cases. CertiK attributes the surge to industry presence and data breaches, as attackers shift focus to the human layer of the crypto economy.

A flaw in Linux distributions released since 2017 is causing concern within the cryptocurrency sector due to its potential to escalate basic user access to full root control. According to NS3.AI, the Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability, referred to as 'Copy Fail,' to its Known Exploited Vulnerabilities catalog. The issue is particularly alarming for exchanges, validators, custody systems, and node operators, which heavily depend on Linux. A compromised server could lead to the exposure of keys, credentials, or core operations, posing significant risks to crypto infrastructure.

AI-driven deepfakes are increasingly posing a threat to various sectors, including crypto, as consumer-grade tools outpace institutional responses. In May 2026, AI-generated content appeared in politics, entertainment, and crime, according to BeInCrypto. Notably, a Chicago man lost $69,000 to a scammer using an AI-generated US Marshals badge. OpenAI's ChatGPT Images 2.0 can create fake IDs and bank alerts, complicating fraud prevention efforts. Chainalysis reports AI-assisted crypto scams average $3.2 million, highlighting the growing security risk.

Swiss campaigners have decided to abandon their efforts to initiate a referendum on the Swiss National Bank's (SNB) bitcoin reserves. According to NS3.AI, the campaigners were unable to gather the necessary 100,000 signatures, collecting only about half of the required amount. The proposed referendum aimed to amend the constitution to mandate the SNB to hold bitcoin in addition to its gold and foreign-currency reserves. However, the proposal did not specify the allocation of bitcoin within these reserves.