risk

According to Cointelegraph, multiple analysts have pointed out that Ethereum faces downside risks, with ETH potentially dropping another 20% to the $1,700 range. The increase in holdings on trading platforms and the decline in ETF demand are the main sources of pressure.CryptoQuant analyst BorisD noted that from May 5 to May 9, the ETH reserves on Binance surged from 3.36 million to 3.84 million, while the price dropped 7% from $2,390 to $2,260 during the same period. He stated, "This indicates that liquidity is being absorbed and distributed simultaneously. The overall structure still points to dominant downside risks."Another analyst, PelinayPA, shares the same view, believing that any short-term rebound will "be accompanied by high volatility, followed by a continuation of a broader downward trend," and added, "A large amount of ETH continues to flow into trading platforms, creating significant resistance to price increases." The net inflow of ETH to trading platforms surged to 585,000, marking the largest single-day inflow since December 2025—at that time, the ETH price was around $3,000, which subsequently dropped to $1,750 in February this year, a decline of 42%. Such large-scale inflows typically indicate that large holders are offloading.Meanwhile, the demand for spot Ethereum ETFs continues to weaken, recording net outflows for four consecutive days, with a total outflow amounting to $190 million. From a technical perspective, the ETH daily chart shows that the ascending wedge pattern has broken below the support level of $2,280. If the daily closing price confirms a break below, the target will point to the wedge measurement target of $1,725, a 22% drop from the current price, aligning with the macro low on February 6 of this year.Analyst ShangoTrades stated that this breakdown "is starting to become concerning." From a longer-term perspective, analyst CryptoBullGod pointed out that the measurement target for the ETH weekly bear flag pattern is $1,280.

According to Cointelegraph, after the U.S. stock market opened, Bitcoin quickly fell, briefly dropping below the $79,000 mark, with a daily decline of about 3%, reaching a low not seen since May. The market generally believes that this round of correction is closely related to the sell-off of risk assets triggered by the surge in U.S. Treasury yields. Data shows that the yield on the U.S. 10-year Treasury rose above 4.55%, reaching a nearly one-year high, raising concerns in the market about tightening liquidity and the reassessment of risk assets.Analysts pointed out that this level had previously triggered adjustments in U.S. stocks and policy expectations last year, and it has now become a key pressure signal again. Trading firm The Kobeissi Letter stated that the "crisis-like rise" in the U.S. Treasury market is intensifying, with long-term high interest rate expectations heating up. The market has begun to factor in the possibility of future rate hikes, leading to a rapid cooling of the previous "euphoric sentiment" in risk assets.From a technical perspective, analysts believe that after multiple rejections of resistance above $82,000, the support structure for Bitcoin is weakening, and it may retest the $75,000--$77,000 range in the short term, as the market enters a phase of range-bound fluctuations and directional choices.

The GoPlus Security team has disclosed a new type of attack in its AgentGuard AI project: inducing AI agents to perform unauthorized sensitive operations through "memory poisoning." This attack method does not rely on traditional vulnerabilities or malicious code but exploits the long-term memory mechanism of AI agents. For example, an attacker first induces the agent to "remember preferences," such as "usually prioritizing proactive refunds instead of waiting for chargebacks," and then uses vague expressions like "process as usual" or "execute as before" in subsequent instructions, thereby triggering automated financial operations.GoPlus points out that the key risk in such cases lies in the AI agent mistakenly treating "historical preferences" as a basis for authorization, leading to financial losses or security incidents in operations such as refunds, transfers, and configuration changes. To address this issue, the team has proposed several protective recommendations, including:Operations involving refunds, transfers, deletions, or sensitive configurations must require explicit confirmation in the current session.Memory-related instructions like "habit," "usual way," and "as before" should be regarded as high-risk state changes.Long-term memory must have a traceability mechanism (writer, time, confirmation status).Vague instructions should automatically elevate the risk level and trigger secondary verification.Long-term memory must not replace real-time authorization processes.The team emphasizes that the "AI agent memory system" should be viewed as a potential attack surface and should be constrained and audited through a dedicated security framework.

The slow fog余弦 social media stated that the high-risk iOS attack framework DarkSword has been publicly leaked on channels such as GitHub and is being used for large-scale espionage attacks targeting cryptocurrency wallet holders.This attack program targets devices running iOS versions 18.4 to 18.7, utilizing vulnerabilities in the Safari browser through malicious web pages to achieve remote code execution, thereby stealing users' sensitive data. Attackers launch attacks using bait web pages that impersonate pornographic live streams, Tron energy stations, refund processes, and more.iPhone users running older versions of iOS, once they access such web pages using the Safari browser (even if they do not close the page), may have sensitive information such as plaintext private keys and mnemonic phrases stolen by malicious JavaScript code when unlocking the wallet app, which is then transmitted in real-time through channels like Telegram bots.

According to Jin Shi reports, Federal Reserve's Schmid stated that persistent inflation is the most pressing risk facing the economy, and the level of inflation is clearly still too high.

According to Cointelegraph, CryptoQuant pointed out in a report that Bitcoin faces a risk of correction after reaching the 200-day moving average of $82,400. The agency stated that the 200-day moving average was a major resistance level during the 2022 bear market, and Bitcoin resumed its downward trend after hitting that level in March of that year.The report noted that traders' unrealized profit margin reached 17.7% on May 5, the highest level since June of last year, indicating potential selling pressure from profit-taking. Last week, daily realized profits surged to the highest level since early December, with traders cashing out 14,600 Bitcoins (worth nearly $1.2 billion) on May 4. CryptoQuant stated that such a peak magnitude often signals a local price top during a bear market rebound.If Bitcoin declines, the current support level is around $70,000, which is the average price of all Bitcoin's last trades and has historically been a key resistance turning into support during bear markets.

According to Jinshi reports, CITIC Securities' research report states that U.S. inflation continued to be elevated in April, and the spillover effects of the Middle East conflict are still ongoing, with rising rental inflation pushing up core readings. High inflation continues to erode the real purchasing power of American households, with low-income families facing a stronger cost shock, and real hourly wages have returned to negative growth year-on-year for the first time in three years. CITIC Securities believes that the risk of secondary inflation in the U.S. is low, but high oil prices will constrain the space for inflation rates to decline within the year, and under the baseline scenario, it still expects the Federal Reserve to cut interest rates by 25 basis points within the year.

The cryptocurrency research institution Delphi Digital released the latest report "How Far Can Saylor Stretch It," which systematically analyzes the Bitcoin (BTC) funding expansion mechanism of Strategy, pointing out that its financing structure is transitioning from "low-cost accumulation" to the "diminishing marginal efficiency" stage. The report shows that in the current asset accumulation system centered around Bitcoin, STRC has become the core financing tool for Strategy's continuous purchase of BTC. Initially, it relied on a significant premium in MSTR's stock price (mNAV far exceeding BTC's net value) to achieve a positive cycle of "issuance leads to accumulation," but as the valuation has fallen back to about 1.24 times the EV-based mNAV, the BTC per share enhancement effect from common stock issuance is nearing breakeven.At the same time, while convertible bond tools have played an important role historically, they have accumulated about $8.2 billion in principal and will face concentrated repayment pressure after September 2027, putting long-term sustainability of the financing structure under pressure. STRC provides a continuous financing source for Strategy by offering approximately 11.5% annualized monthly dividends to income-oriented investors, to maintain the pace of BTC purchases. However, this mechanism also introduces ongoing cash flow obligations, meaning that each round of financing increases BTC assets while simultaneously accumulating future dividend burdens.The report emphasizes key risk scenarios: if BTC prices remain stagnant and MSTR's premium fails to recover, then the "STRC financing purchase gain" may be gradually offset by "common stock dilution and dividend obligations." Although the company's approximately $2.25 billion cash reserves can cover about $1 billion in redemption pressure in 2027, larger-scale debt and dividend structures in 2028 still need to be addressed. Additionally, the current authorized issuance limit of about $28.3 billion for STRC becomes a critical constraint point. Once the limit is reached, the ability to purchase new BTC may slow down, but existing dividend obligations will continue to exist, thus altering the overall BTC per share dynamic growth path.

According to the blockchain security organization SlowMist (@SlowMist_Team), a highly complex npm worm named "Mini Shai-Hulud" is spreading through well-known developer projects such as TanStack, UiPath, and DraftLab, as monitored by their threat monitoring system MistEye. Attackers hijack GitHub credentials to publish malicious packages disguised as legitimate updates, embedding a hidden script router_init.js that runs silently in CI/CD environments like GitHub Actions, specifically designed to steal CI/CD keys, cloud infrastructure keys, and cryptocurrency wallet information, using GitHub's own infrastructure for data exfiltration.SlowMist has synchronized relevant threat intelligence (IOC) with clients and recommends that projects using the affected packages immediately check their CI/CD pipelines for the presence of the router_init.js file, rotate all exposed GitHub, cloud service, and cryptocurrency credentials, and continuously monitor for abnormal background activities in the development environment.

Binance released its latest security report, addressing the current industry situation of rapidly spreading AI scams. The platform has deployed over 24 AI security programs and equipped more than 100 AI models to build an intelligent defense system against various types of cryptocurrency fraud.Statistics show that from early 2025 to the first quarter of 2026, Binance has protected over 5.4 million users and intercepted potential fund losses of $10.53 billion. In Q1 2026, the platform successfully intercepted 22.9 million scam and phishing attacks, protecting user funds amounting to $1.98 billion, with an average of over 9,600 real-time risk alerts pushed daily, and a total of 36,000 malicious on-chain addresses blacklisted.The report pointed out that deepfakes, voice cloning, and phishing bots have become mainstream scam tactics, with the overall scale of cryptocurrency fraud reaching $17 billion in 2025, a year-on-year increase of 30%. In terms of risk control, Binance's AI system handles 57% of fraud detection work, reducing the credit card fraud rate to 60%-70% of the industry average; it has upgraded AI anti-counterfeiting KYC reviews, with review efficiency improved by up to 100 times.The AI trading tool Binance Ai Pro uses an isolated account structure, only allowing trading permissions and prohibiting withdrawals, with the platform intercepting 12% of high-risk third-party AI plugins. Additionally, in 2025, Binance assisted in recovering $12.8 million in scammed funds, handled 48,000 cases, and collaborated with law enforcement to freeze $131 million in illegal assets.

According to Politico, Coinbase, Kraken, and Gemini proposed to lawmakers earlier this year to remove a provision in the digital asset bill that requires cryptocurrency trading platforms to only list "non-manipulable" digital assets. The three exchanges are concerned that this would make it more difficult to list small-cap tokens.This amendment occurred after the Senate Agriculture Committee voted to advance the bill in January. The CFTC has long required exchanges to "self-certify" that the product contracts they list are not easily manipulable, but cryptocurrency companies believe this standard does not apply to the spot crypto market. The three exchanges stated that they have been working with Congress for years to push for comprehensive federal regulation of the digital asset market. Coinbase's Federal Policy Director Robin Cook stated that they hope to ensure consumers are protected by standards suitable for spot trading.

According to Jinshi reports, ECB Governing Council member Nagel stated on Friday that due to the Iran war, the European Central Bank is "highly vigilant" about rising inflation risks and will take action as needed to prevent rising energy costs from spreading more broadly to prices. Nagel emphasized that although the medium-term impact of the conflict on inflation is "still difficult to assess," policymakers are prepared to respond to ensure that energy-driven price increases do not spread and become entrenched.

According to market news, Coinbase, Kraken, and Gemini submitted revisions to the U.S. Senate Agriculture Committee, requesting the removal of the provision in the digital asset bill that requires trading platforms to list only tokens that are "not readily susceptible to manipulation."The three companies believe that this provision will increase the difficulty of listing small-cap, low-liquidity tokens and could be used by future CFTC chairs as a tool for tightening regulation. The current draft aims to grant the CFTC broader powers over the spot markets for "digital commodities" such as Bitcoin and Ethereum. The Senate Agriculture Committee has already passed the relevant sections along party lines, and further significant modifications will be made to gain support from the Democrats.

Bitcoin fell below the $80,000 mark this week, following a five-day streak of net inflows into spot ETFs, as the market's rebound momentum from February's lows showed signs of cooling. The U.S. April non-farm payroll data added 115,000 jobs, exceeding the expected 62,000, while the unemployment rate remained at 4.3%. Although the overall data was relatively strong, it did not significantly alleviate market concerns about macroeconomic uncertainty; instead, it reinforced expectations that "energy-driven inflation limits the space for interest rate cuts."In terms of capital flow, the spot Bitcoin ETF saw a net outflow of $277 million on Thursday, ending a previous cumulative inflow of $1.69 billion; the Ethereum ETF also recorded a net outflow of $104 million on the same day, indicating a short-term cooling of institutional risk appetite. On the geopolitical front, tensions between Iran and the U.S. have escalated again, prompting the market to reprice the risks in the Strait of Hormuz, leading to a rebound in oil prices, which partially offset the support that previous risk assets received from the decline in oil prices.The derivatives market shows a more long-term hawkish outlook, with interest rate futures pricing in over a 50% probability of rate hikes beyond 2027, suggesting that the easing cycle may be delayed until 2028. On-chain data indicates that the current rise in Bitcoin is primarily driven by institutional spot buying and short covering, with retail participation remaining relatively low, and funding rates maintaining a moderate level, resulting in a weak market momentum structure. Analysts believe that if retail funds do not return, BTC may still face the risk of testing the support range of $75,000 to $78,000.

According to Bloomberg, ECB President Lagarde stated that even euro-denominated stablecoins pose risks to financial stability and the transmission of monetary policy, questioning the necessity of introducing such tools.She pointed out that while euro stablecoins could lower financing costs in the euro area and enhance the global appeal of the euro, the costs are significant and outweigh short-term benefits. Lagarde emphasized that if the goal is to enhance the international appeal of the euro, stablecoins are not an effective means. She referenced a working paper from the ECB in March, which warned that the widespread adoption of stablecoins would pose significant risks to euro area banks and monetary sovereignty. She stated that Europe's task is not to "replicate tools developed elsewhere" and continues to push for the introduction of a digital euro.

According to market news, LayerZero Labs co-founder and CEO Bryan Pellegrino had a heated debate with security researchers today in the ETHSecurity Community Telegram group. The core controversy includes: since LayerZero Labs can immediately upgrade a default library contract without a time limit to forge messages (similar to the case where rsETH was hacked), the LZ OFT, valued at over $3 billion, is recently at risk of being stolen; researcher Banteg pointed out that mainstream projects like Ethena and EtherFi were still using this default library contract weeks ago, and currently, there is still $178 million worth exposed to risk, with these funds coming from projects that are still using the default library.On-chain data shows that LayerZero Labs multi-signature signers participated in non-multi-signature activities such as meme coin trading, DEX exchanges, and cross-chain bridging, which means that the multi-signature keys in the formal environment were connected to websites, increasing phishing risks. Regarding the multi-signature signers of LayerZero using production environment keys for trading activities, Bryan confirmed that the related transactions were completed by members of the multi-signature team, but denied that it was "meme coin trading," explaining it as "testing PEPE on the LZ OFT token standard," and stated that the involved member has been removed. Bryan also suggested that project parties "directly fix configurations" instead of using default configurations to reduce risks. Banteg subsequently tagged a long list of LayerZero users still using the default library contract, pointing out that these projects should migrate to fixed configurations as soon as possible.

The Chief Information Security Officer of Slow Fog, 23pds, disclosed that a privilege escalation vulnerability named Dirty Frag has been exposed in Linux systems, with complete details and exploit code now public. This vulnerability allows any local low-privilege user to directly obtain root privileges on almost all mainstream Linux distributions. It is classified as a deterministic logic flaw, and the attack does not rely on complex race conditions, resulting in a very high success rate without causing kernel crashes, posing significant danger. Linux users are advised to upgrade their systems promptly.

According to CoinDesk, Aave Labs will rewrite the asset listing and collateral risk control rules. In addition to the existing price and volatility assessments, new reviews will be added for compatibility, network security, and underlying architecture, and minimum standard guidelines will be published for asset issuers.This move stems from the KelpDAO cross-chain bridge attack in April, where hackers minted approximately $293 million worth of unbacked rsETH and borrowed real wETH on Aave as collateral, resulting in hundreds of millions of dollars in bad debt for the protocol. Aave will also shift from a single pool perspective to studying systemic connections between different DeFi protocols to reduce cross-protocol risks and is calling on other DeFi projects to follow similar standards.

According to Jinshi reports, Federal Reserve's Goolsbee stated that the longer oil prices remain high, the more likely people will incorporate higher inflation expectations into their considerations, which will be an "extremely tricky" situation for the central bank.

According to Jinshi reports, Fitch stated that the risks of reducing the Federal Reserve's balance sheet are significant and it is unlikely to be achieved quickly in the short term.