xpos

The security agency Innora released a report stating that the financial protocol Saturn on Ethereum has two serious vulnerabilities. These include:Withdrawal freeze vulnerability: Under normal business operations, all user funds could be locked, with a minimum of 30 days and, in extreme cases, indefinitely frozen. No hacker is needed; the protocol can trigger this itself.Privileged addresses in the protocol can legally intercept up to 33.33% of the funds per operation. According to current data, a single operation can intercept up to approximately $157,000, with a theoretical total risk of up to $4.26 million.Innora stated that over 90% of Saturn's assets are managed by privileged addresses, and users are completely reliant on trust. As of the report's release, this vulnerability has not yet been fixed.

Slow Fog has once again issued a security reminder stating to pay attention to checking for malicious versions of axios and the exposure risk of OpenClaw npm global installation history. [email protected] and [email protected] have been confirmed as malicious versions, both of which have injected the dependency [email protected], delivering cross-platform malicious payloads through the postinstall script.The impact of OpenClaw is assessed based on scenarios: source code builds are not affected, as the locked versions in the lock file are 1.13.5/1.13.6; however, users who installed via npm install -g [email protected] face historical exposure risks due to the presence of optionalDependencies.axios@^1.7.4 in the dependency chain, which may resolve to [email protected] during the time window when the malicious version is still online. Currently, npm has reverted the resolution to [email protected], but environments that were installed during the attack window are still advised to be checked. Slow Fog has provided inspection commands and IoC paths for various platforms; if the plain-crypto-js directory is found, even if the package.json has been cleaned, it should still be regarded as high-risk execution traces. It is recommended that affected hosts immediately rotate credentials and conduct host-side inspections. Previously, Slow Fog founder Yu Xian reminded that OpenClaw version 3.28 may introduce a toxic version of axios, and users need to urgently check.

According to BBX data, yesterday global listed companies disclosed several key data points regarding the "geopolitical competition" and "scalable positioning" of crypto reserves:15,000 holdings disclosed: Trump Media (NASDAQ: $DJT) confirmed in a strategic briefing yesterday that its treasury's holding of 15,000 BTC has completed its transformation into a "long-term strategic reserve." The company stated that this asset serves as a financial anchor for building decentralized social and payment infrastructure, with a current market value exceeding $1 billion.Vision for 100,000 coins: Metaplanet (TSE: 3350) confirmed yesterday at its Tokyo headquarters that its holding target by the end of 2026 is 100,000 BTC. As one of the largest corporate holders in Asia, the company plans to fill the current reserve gap through a new round of $250 million equity financing, aiming to achieve a top three global holding position within the year.30,000 reserve milestone: Bitcoin Standard Treasury (NASDAQ: $BSTR) disclosed yesterday that its total holdings have officially surpassed 30,000 BTC. As a representative of "standard-based" financial companies, its BPS (Bitcoin per share) grew by 8.4% month-over-month in March.23.8% annual yield: Semler Scientific (NASDAQ: $SMLR) released its latest treasury efficiency report yesterday, showing that its "Bitcoin Yield" achieved through ATM financing tools since 2026 has risen to 23.8%, far exceeding the spot price increase of BTC during the same period.1,717 holdings confirmed: Nexon (TSE: 3659) confirmed yesterday in its weekly report that its holding of 1,717 BTC remains in a "retail out" state. The company reiterated that it will showcase how it utilizes this reserve to support the economic model of next-generation blockchain games at the developer conference in April.

According to Bnp Paribas, BNP Paribas announced the expansion of its trading product range and will launch 6 cryptocurrency exchange-traded notes (ETNs) linked to Bitcoin and Ethereum for retail clients in France. This product allows investors to gain indirect exposure to cryptocurrencies through their securities accounts without the need to directly hold BTC or ETH, and will operate under the MIFID2 regulatory framework.The related ETN products are scheduled to officially launch on March 30, 2026, with the potential for further expansion to a broader wealth management client base in the future.

Elon Musk stated that the planned "increase the exposure weight of creators based on their region" will be paused and further consideration will be given.Previously, X product head Nikita Bier revealed that starting this Thursday (March 26), the X platform will adjust the revenue-sharing incentive mechanism for creators, focusing on increasing the weight of exposure from the creators' regions. This adjustment aims to encourage content that resonates with users in their own country, neighboring countries, and those who speak the same language, while reducing the motivation for creators to specifically optimize traffic for U.S. or Japanese accounts, in order to promote a more diverse content ecosystem on the platform.

X product leader Nikita Bier posted on the X platform that starting Thursday, the X platform will update its revenue-sharing incentive mechanism, increasing the weight of exposure based on the creator's region to encourage content that resonates with users in their own country, neighboring countries, and those who speak the same language.This move aims to reduce the behavior of competing for traffic through attention-seeking tactics and promote diverse dialogue on the platform. The X platform invites creators to start building local audiences.

On-chain detective ZachXBT disclosed today that a collaborative network consisting of at least 10 accounts is generating traffic on social platform X by creating panic-inducing content related to wars and ultimately directing it to cryptocurrency scam projects.This network acquires accounts with an existing follower base, frequently posts sensational "apocalyptic" content, and amplifies dissemination by having multiple secondary accounts retweet each other, quickly gaining millions of views and significant interactions. Investigations show that these accounts also utilize AI to generate fake personas, such as fabricating an "Asian version of Mario Nawfal" to enhance credibility. After gaining traffic, the relevant accounts promote fake airdrop events or cryptocurrency project scams, including a concentrated promotion of a pump-and-dump project named ORAMAMA on February 22, 2026, which is then no longer mentioned.On-chain data indicates that this operation has brought six-figure profits to the team behind it. Meanwhile, many genuine large accounts inadvertently engage in interactions through comments and retweets, further amplifying the content dissemination effect. ZachXBT warns that this combination model of "traffic farms + AI content + cryptocurrency scams" has become highly mature and is easily replicable. If similar mechanisms are exploited by higher-level organizations, their potential impact will far exceed the realm of financial fraud and may even evolve into a tool for public opinion manipulation.ZachXBT calls for platforms to strengthen regulation, implementing bans and legal accountability for such manipulative behaviors. He also advises users to carefully verify account histories and information sources before engaging in interactions to combat the increasingly rampant phenomenon of false content and "interaction bait."

Regarding the rumors that the Resolv Labs stablecoin security incident has a significant impact on Morpho, Morpho co-founder Paul Frambot clarified in a post on X that this incident has indeed affected USR and related assets (such as RPL), and has impacted the lending market that uses them as collateral. However, among the approximately 500 Morpho Vaults with deposits exceeding $10,000, only about 15 vaults have significant exposure to the related market (over $10,000). The affected vaults are primarily positioned as high-risk strategies, using long-tail collateral assets, while other vaults that do not have related exposure (including low-risk Prime Vaults) have not been affected.Paul Frambot advised users to continue to pay attention to communications and updates from Resolv Labs and related Curators to get the latest developments on specific vault risk exposures.

Aave founder Stani.eth confirmed in a post on the X platform that their protocol has no exposure to Resolv Labs' stablecoin USR. Resolv only acts as a liquidity provider supplying its supported assets to the Aave protocol. The related assets are currently safe, and the supporting assets themselves have not been affected. Resolv can exit smoothly and has begun repaying its debts. At the same time, this incident has no adverse impact on Aave liquidity providers (LPs) and does not affect the protocol itself.

According to reports from CCTV News, based on insider revelations, journalists quickly found a business called GEO by searching multiple online platforms. Service providers engaged in this business on these platforms claim that users only need to pay the corresponding fees to have their products listed among the major mainstream AI large models; allowing their product advertisements to become the "standard answers" provided by the AI models.The popularity of the GEO business has led to the emergence of many companies and platforms specializing in press release services. They have long undertaken various press release tasks to ensure that AI large models reference and capture them, becoming an important part of hunting AI large models and conducting data "poisoning."

Agent Garrett Jin of "1011 Insider Whale" stated that the closure of the Strait of Hormuz has entered its 16th day, and since February 27, oil prices have risen by about 45%. The price of Brent crude oil has risen above $103, and there are still no signs of a ceasefire. The Strategic Petroleum Reserve (SPR) may only be able to cover about 12% to 15% of the supply gap. The recommended trading strategy in the near term is to be bullish on oil and reduce equity exposure, especially in the assets of net energy-importing economies such as Japan, South Korea, and Europe. Meanwhile, in an environment where interest rates, the dollar, and oil prices are all rising, overall market liquidity is tightening. Investors should maintain cash positions, shorten duration, and remain vigilant.

According to Bloomberg, many family offices based in Hong Kong plan to increase their allocations to private equity and digital assets over the next three years.The Hong Kong Institute for Monetary and Financial Research (HKIMR) wrote in a report on Tuesday that wealthy families' interest in these assets is expected to rise significantly, which also includes private credit and venture capital.Hong Kong has been striving to encourage more high-net-worth individuals and their families to establish investments locally, aiming to become a bridge between the mainland and global markets. According to a survey commissioned by the Hong Kong government and conducted by Deloitte, the number of single-family offices established in this financial hub increased to 3,384 by the end of last year, a 25% increase from 2023.

According to a report by South Korea's Asia Economy, the National Tax Service of South Korea released news materials regarding on-site searches of 124 high-profile, habitual tax evaders, revealing现场照片 that included the seized Ledger hardware wallet's mnemonic phrase, with no pixelation applied.Blockchain data expert Jaewoo Cho stated that shortly after the mnemonic phrase was leaked, all 4 million PRTG tokens stored in the wallet were transferred to an unidentified wallet early this morning, with estimated losses reaching approximately 6.4 billion won (about 4.8 million USD).Analysis shows that the thief first deposited a small amount of Ethereum to be used as transaction fees into the wallet, and then transferred all the tokens in three transactions.

According to monitoring by Lookonchain, many insiders have made huge profits by betting on Polymarket that ZachXBT will expose which cryptocurrency company is involved in insider trading. A total of 12 suspected insider wallet addresses have been identified, which have collectively profited $1.02 million.

According to Jin Ten, HSBC strategists have halved their exposure to the U.S. stock market and increased investments in emerging markets and Europe, as the latter shows strong economic conditions. Over the past two months, key cyclical indicators such as consumption and manufacturing have shown growth. The strategists stated that the positive trends in technicals, positioning, and market sentiment can offset concerns regarding geopolitics, trade, and artificial intelligence. So far this year, the S&P 500 index has risen by 1.5%, the global stock index excluding U.S. stocks has increased by 11%, and the emerging markets benchmark index has risen by 15%.

The trading volume on Polymarket for "Which cryptocurrency company will ZachXBT expose for insider trading?" has reached $2.39 million. Currently, Meteora has a probability of 33%, while pumpfun and MEXC have probabilities of 13%, and Axiom and WLFI have 8% and 7%, respectively.In addition, Wintermute, Binance, Jupiter, Coinbase, and Dexscreener are also on the list.Note: Previously, it was reported that ZachXBT will release a major investigative report on a highly profitable company in the crypto industry on February 26.

According to Cointelegraph, despite the overall decline in the cryptocurrency market and poor stock performance of treasury companies, the largest shareholder of Bitmine Immersion Technologies increased their investment in this Ethereum asset management company in the fourth quarter of 2025.According to the 13F form submitted to the SEC, Morgan Stanley, as the largest disclosed shareholder, increased its holdings by approximately 26% to over 12.1 million shares, with a market value of about $331 million at the end of the quarter. The second-largest shareholder, ARK Investment Management, increased its holdings by approximately 27% to over 9.4 million shares, with a market value of about $256 million.

The Binance compliance team's investigators found that entities related to Iran received over $1 billion in funds through the exchange, with these transactions conducted via Tether on the Tron chain, potentially violating sanctions laws. After the investigators disclosed these findings through an internal report, at least 5 people began to be fired at the end of 2025.Additionally, in the past three months, at least four senior compliance personnel have either left or been dismissed, and Binance's Chief Compliance Officer Noah Perlman plans to leave later this year, although his departure is unrelated to the firing of the investigators. A Binance spokesperson stated that the company cannot comment on ongoing investigations according to policy and is committed to complying with all applicable sanctions laws and regulations in the markets where it operates. It is reported that Binance acknowledged in 2023 that it violated anti-money laundering, customer identification laws, and sanctions regulations, agreeing to pay a $4.3 billion fine.