xpos

The GoPlus Security team has disclosed a new type of attack in its AgentGuard AI project: inducing AI agents to perform unauthorized sensitive operations through "memory poisoning." This attack method does not rely on traditional vulnerabilities or malicious code but exploits the long-term memory mechanism of AI agents. For example, an attacker first induces the agent to "remember preferences," such as "usually prioritizing proactive refunds instead of waiting for chargebacks," and then uses vague expressions like "process as usual" or "execute as before" in subsequent instructions, thereby triggering automated financial operations.GoPlus points out that the key risk in such cases lies in the AI agent mistakenly treating "historical preferences" as a basis for authorization, leading to financial losses or security incidents in operations such as refunds, transfers, and configuration changes. To address this issue, the team has proposed several protective recommendations, including:Operations involving refunds, transfers, deletions, or sensitive configurations must require explicit confirmation in the current session.Memory-related instructions like "habit," "usual way," and "as before" should be regarded as high-risk state changes.Long-term memory must have a traceability mechanism (writer, time, confirmation status).Vague instructions should automatically elevate the risk level and trigger secondary verification.Long-term memory must not replace real-time authorization processes.The team emphasizes that the "AI agent memory system" should be viewed as a potential attack surface and should be constrained and audited through a dedicated security framework.

Quantitative giant Jane Street disclosed in its latest 13F filing submitted to the SEC that it significantly reduced its exposure to Bitcoin ETFs in the first quarter of 2026, with its holdings in IBIT decreasing by approximately 71% to 5,872,212 shares, equivalent to about $225.6 million. The holdings in FBTC decreased by about 60% to 1,954,174 shares, equivalent to about $115 million.In addition, its holdings in MSTR also decreased by approximately 78% to 209,833 shares, equivalent to about $26.18 million.

The New York State Retirement Fund increased its exposure to Bitcoin by adding $41 million in MicroStrategy stock.

The Chief Information Security Officer of Slow Fog, 23pds, disclosed that a privilege escalation vulnerability named Dirty Frag has been exposed in Linux systems, with complete details and exploit code now public. This vulnerability allows any local low-privilege user to directly obtain root privileges on almost all mainstream Linux distributions. It is classified as a deterministic logic flaw, and the attack does not rely on complex race conditions, resulting in a very high success rate without causing kernel crashes, posing significant danger. Linux users are advised to upgrade their systems promptly.

According to Politico, Poland's major cryptocurrency exchange Zondacrypto is facing a serious fraud investigation. Its former CEO went missing in 2022, taking with him the private keys to a cold wallet containing 4,500 bitcoins (currently worth over $340 million). The current CEO has admitted to being unable to access the wallet and has recently been reported to have fled to Israel. Prosecutors estimate potential losses for customers to be around $97 million.On-chain data shows that the bitcoin balance in the platform's hot wallet has plummeted by 99.7% since mid-2024, with users generally reporting difficulties in withdrawing funds. Polish Prime Minister Tusk estimates that up to 30,000 users may be affected.Tusk publicly accused the platform of being funded by Russian-linked money, used to finance opposition lawmakers to obstruct Poland's cryptocurrency regulatory legislation. He bluntly stated that this is a "Polish version of a Ponzi scheme" and criticized the president for vetoing the localization of the EU MiCA framework twice, making Poland a "paradise for scammers."The platform's board stated that they failed to obtain "verifiable information" from the missing CEO and have collectively resigned. The founder has been missing since 2022, and the previously mentioned "suspect kidnapping allegations" case is still under investigation. This incident is expected to prompt Poland and the EU to strengthen regulatory scrutiny of cryptocurrency exchanges.

According to Jinshi News, Pepperstone analyst Michael Brown stated that traders may reduce their exposure to risk assets before the Federal Reserve announces its interest rate decision at 2 AM Beijing time on April 30. He pointed out that given the upcoming event risks, many participants will want to cut back on their positions. In addition, traders are also aware that there is still no good news regarding the Middle East conflict, with no signs of a US-Iran peace agreement, and the Strait of Hormuz remains blocked.

According to CoinDesk, while quantum computers cannot disrupt the Bitcoin mining mechanism or the blockchain ledger, they may potentially crack the elliptic curve encryption system that protects wallet ownership through Shor's algorithm. Currently, about 6.9 million BTC (approximately one-third of the total supply) face potential risks due to public keys being visible on-chain, including around 1 million early holdings by Satoshi Nakamoto; transactions generated after the Taproot upgrade in 2021 are also affected due to public key exposure.Ethereum has established a formal quantum resistance migration plan since 2018, with 4 full-time teams and over 10 independent development groups, and has launched a dedicated progress website at pq.ethereum.org. In contrast, Bitcoin currently lacks a unified response roadmap, and the existing BIP-360 proposal and BitMEX Research detection scheme have not received widespread support from core developers. Notable Bitcoin advocate Nic Carter pointed out that Bitcoin's response is "the worst," while Blockstream CEO Adam Back believes that current quantum systems are still in the laboratory stage, but he also agrees that optional upgrade solutions should be deployed in advance.Analysts point out that Bitcoin's anti-centralization governance culture makes coordinating large-scale security upgrades extremely difficult, and how to handle historical legacy issues such as Satoshi Nakamoto's holdings is particularly challenging. A related paper from Google warns that once quantum attacks become a reality, the window for response may have already closed.

According to The Information, Anthropic and OpenAI have both experienced security incidents, raising market concerns about the safety of AI models themselves.Currently, Anthropic is investigating potential unauthorized access to its Claude Mythos model by users. Almost simultaneously, OpenAI was also reported to have accidentally exposed several unreleased models in its Codex application. Industry opinions indicate that these vulnerability incidents have intensified scrutiny on the security governance capabilities of AI companies and reflect that the security systems of current AI technology still need improvement as it rapidly develops. Analysts believe that even AI model providers that focus on cybersecurity capabilities face significant security challenges themselves. As AI is gradually used to defend against cyberattacks, issues related to platform security and access control have also become critical risk points.

Lido has released the latest developments regarding the Kelp security incident, stating that its Earn series vaults are working with the management to address the issues, which involve two major risk points: the rsETH exposure and the liquidity tension in the lending market. Lido emphasizes that the core staking protocol has not been affected, and both stETH and wstETH remain safe and stable.Currently, only the EarnETH vault has an approximately 9% TVL exposure to rsETH, and related deposits and withdrawals have been suspended by the management, awaiting a solution. Approximately $70 million in ETH has been recovered from the previous attack, and the subsequent asset recovery and loss distribution are still in progress. In response to liquidity pressure, the management has reduced leverage and optimized the position structure, significantly decreasing the wETH debt exposure. If losses ultimately occur, EarnETH will activate a $3 million "first loss protection mechanism" (funded by the DAO). As for other vaults, DVV and EarnUSD have not been affected and are operating normally; the GGV sub-vault is currently experiencing negative returns due to the combination of circular staking strategies and rising lending rates, but adjustments are ongoing. Withdrawal requests submitted by users will be processed based on valuations prior to the incident.

According to Slow Fog CISO @im23pads's post on the X platform, Claude Desktop has been reported to secretly write a backdoor file into browsers. When users install the Claude Desktop application, it writes a special file to all Chromium-based browsers on the computer without the user's knowledge.This file acts as a pre-authorized backdoor, which, when used in conjunction with specific browser extensions, can gain complete control over the user's browser.

Lido stated on platform X that its EarnETH treasury was affected by the theft of 116,500 rsETH (approximately $29.2 million) from the Kelp DAO cross-chain bridge on April 18.EarnETH holds approximately $21.6 million in rsETH risk exposure through leveraged positions in rsETH/ETH on Aave, accounting for about 9% of the total assets in the treasury. The EarnETH team is currently actively deleveraging to reduce risk, and the outcome depends on the final decisions made by Kelp, LayerZero, and Aave regarding loss sharing and bad debt handling.Lido further stated that EarnETH has a $3 million "first loss protection mechanism" funded by the Lido DAO treasury, which will be used to cover losses if necessary. The treasury has currently suspended redemption processing to assess the losses. This incident does not affect stETH and wstETH, and the core staking protocol of Lido is not involved.

etherFi posted on platform X that its Liquid treasury is temporarily not directly exposed to the Kelp rsETH event risk, but as a precautionary measure, it has suspended the LayerZero cross-chain bridging functionality for weETH and eETH until the root cause of the Kelp rs ETH event is clarified. Meanwhile, for Liquid (ETH, BTC, USD), sETHFI, and eBTC products, the relevant Teller contracts have been suspended to block the LayerZero OFT bridging path, and the deposit and withdrawal functions for the related assets have also been suspended. They are currently working closely with security partners and will provide timely updates once more details are confirmed.

Michael Egorov, the founder of Curve Finance, posted on the X platform expressing hope that Aave can address the relevant issues. He pointed out that non-isolated lending has good scalability but carries higher risks, with the key being risk management, an area where Aave has historically performed well.He stated that the market can adopt a fully isolated model like that of Curve Finance or a hybrid model, although the latter is very complex, it is feasible. However, the market has yet to understand its advantages. Michael Egorov also mentioned that Aave v4's hub and spoke model might be a step towards a semi-isolated and safer direction.

Euler Labs announced on the X platform that as a precaution, the LayerZero OFT cross-chain bridge for EUL is temporarily suspended during the investigation into the cause of the rsETH incident, and emphasized that EUL has no exposure to this rsETH incident. An update will be released after the cross-chain functionality is restored.

Venus Protocol posted on platform X regarding the Kelp incident, stating that the platform has zero exposure to rsETH, has not incurred any bad debts, and user funds are safe.As a precaution, based on the recommendations of the risk management party Allezlabs, the platform has temporarily adjusted the collateral factors for the following six types of assets to 0: USDe, sUSDe, SolvBTC, xSolvBTC, USD1, XAUM. Users can still directly repay and withdraw the above assets through the Venus UI, and updates will be released once the collateral rates return to normal.

The security agency Innora released a report stating that the financial protocol Saturn on Ethereum has two serious vulnerabilities. These include:Withdrawal freeze vulnerability: Under normal business operations, all user funds could be locked, with a minimum of 30 days and, in extreme cases, indefinitely frozen. No hacker is needed; the protocol can trigger this itself.Privileged addresses in the protocol can legally intercept up to 33.33% of the funds per operation. According to current data, a single operation can intercept up to approximately $157,000, with a theoretical total risk of up to $4.26 million.Innora stated that over 90% of Saturn's assets are managed by privileged addresses, and users are completely reliant on trust. As of the report's release, this vulnerability has not yet been fixed.

Slow Fog has once again issued a security reminder stating to pay attention to checking for malicious versions of axios and the exposure risk of OpenClaw npm global installation history. axios@1.14.1 and axios@0.3.4 have been confirmed as malicious versions, both of which have injected the dependency plain-crypto-js@4.2.1, delivering cross-platform malicious payloads through the postinstall script.The impact of OpenClaw is assessed based on scenarios: source code builds are not affected, as the locked versions in the lock file are 1.13.5/1.13.6; however, users who installed via npm install -g openclaw@2026.3.28 face historical exposure risks due to the presence of optionalDependencies.axios@^1.7.4 in the dependency chain, which may resolve to axios@1.14.1 during the time window when the malicious version is still online. Currently, npm has reverted the resolution to axios@1.14.0, but environments that were installed during the attack window are still advised to be checked. Slow Fog has provided inspection commands and IoC paths for various platforms; if the plain-crypto-js directory is found, even if the package.json has been cleaned, it should still be regarded as high-risk execution traces. It is recommended that affected hosts immediately rotate credentials and conduct host-side inspections. Previously, Slow Fog founder Yu Xian reminded that OpenClaw version 3.28 may introduce a toxic version of axios, and users need to urgently check.

According to BBX data, yesterday global listed companies disclosed several key data points regarding the "geopolitical competition" and "scalable positioning" of crypto reserves:15,000 holdings disclosed: Trump Media (NASDAQ: $DJT) confirmed in a strategic briefing yesterday that its treasury's holding of 15,000 BTC has completed its transformation into a "long-term strategic reserve." The company stated that this asset serves as a financial anchor for building decentralized social and payment infrastructure, with a current market value exceeding $1 billion.Vision for 100,000 coins: Metaplanet (TSE: 3350) confirmed yesterday at its Tokyo headquarters that its holding target by the end of 2026 is 100,000 BTC. As one of the largest corporate holders in Asia, the company plans to fill the current reserve gap through a new round of $250 million equity financing, aiming to achieve a top three global holding position within the year.30,000 reserve milestone: Bitcoin Standard Treasury (NASDAQ: $BSTR) disclosed yesterday that its total holdings have officially surpassed 30,000 BTC. As a representative of "standard-based" financial companies, its BPS (Bitcoin per share) grew by 8.4% month-over-month in March.23.8% annual yield: Semler Scientific (NASDAQ: $SMLR) released its latest treasury efficiency report yesterday, showing that its "Bitcoin Yield" achieved through ATM financing tools since 2026 has risen to 23.8%, far exceeding the spot price increase of BTC during the same period.1,717 holdings confirmed: Nexon (TSE: 3659) confirmed yesterday in its weekly report that its holding of 1,717 BTC remains in a "retail out" state. The company reiterated that it will showcase how it utilizes this reserve to support the economic model of next-generation blockchain games at the developer conference in April.

According to Bnp Paribas, BNP Paribas announced the expansion of its trading product range and will launch 6 cryptocurrency exchange-traded notes (ETNs) linked to Bitcoin and Ethereum for retail clients in France. This product allows investors to gain indirect exposure to cryptocurrencies through their securities accounts without the need to directly hold BTC or ETH, and will operate under the MIFID2 regulatory framework.The related ETN products are scheduled to officially launch on March 30, 2026, with the potential for further expansion to a broader wealth management client base in the future.