mal

The UK's Financial Conduct Authority (FCA) has released the final draft of the crypto asset framework. This new regulation is set to bring most crypto activities under the regulation of the Financial Services and Markets Act by October 25, 2027.According to the proposal, any institution that holds customer crypto assets for more than 24 hours or has the ability to revoke customer permissions will be considered a regulated custodian and must hold a full safeguarding license. Validators and node operators that provide value-added features such as yield or reward reinvestment will lose their technical exemptions. In addition, stablecoin issuers within the UK must control the entire lifecycle from issuance to redemption. Relevant institutions must submit authorization applications between September 30, 2026, and February 28, 2027.

According to Santiment monitoring, small retail traders are actively selling their holdings of Ethereum (ETH), with wallets holding 0.01 ETH or less having reduced their holdings by a total of 1,791 ETH (approximately 4.16 million USD) in the past two days. The market generally views the 17% increase since March 29 as a "Bull Trap," and this sentiment has actually strengthened the likelihood of a continued bullish momentum.

According to disclosures from the GoPlus Chinese community, a user lost approximately $316,000 in USDC from their wallet due to signing a malicious Permit2 transaction, which was exploited by a phishing attacker.GoPlus advises users to adhere to the "four no" principles for phishing prevention: do not click on unfamiliar links, do not install unknown software, do not sign transactions with unclear content, and do not transfer funds to unverified addresses. They also recommend installing the GoPlus security plugin to intercept phishing risks in real-time.

On April 12, ARCB officially held the Asia Launch Ceremony in Malaysia, gathering over a hundred representatives from government agencies, the business sector, the education sector, and youth students to witness the event, marking its official entry into a new phase of expansion in Asia.During the event, ARCB signed strategic cooperation memorandums with Kanzun Ventures and Rakyat Trustee, and the three parties will engage in deep cooperation in areas such as capital synergy, financial product development, and the construction of sustainable development mechanisms.At the same time, ARCB also completed the signing of a tripartite cooperation agreement with ReSkills and JLM AI Agent, focusing on education and the cultivation of technical talent. In addition, ARCB allocated 1.2 million USD in special funds to UiTM University to promote the JLM AI Agent artificial intelligence project into the campus system.

According to Cointelegraph, the Financial Supervisory Service (FSS) of South Korea stated that API-based cryptocurrency trading currently accounts for about 30% of the market's trading volume.The FSS pointed out that some traders are using automated tools to inflate trading volume and manipulate prices, with methods including repeatedly submitting small orders to create a false sense of activity and artificially raising prices through high-limit orders.The regulatory agency stated that it will conduct special investigations on accounts suspected of abnormal API trading and remind investors to be cautious of assets that experience sudden spikes in price and trading volume without obvious reasons. Previously, South Korea had required exchanges to verify asset balances every five minutes and continued to tighten anti-fraud rules, but some regulatory measures still face constraints due to an incomplete legal framework.

According to Asda Finance, the Financial Secretary of Hong Kong, Paul Chan, stated that the authorities' licensing strategy is "small steps, quick progress," and will initially issue a small number of licenses. There needs to be practical application scenarios, and only after summarizing experiences post-launch will a second batch be issued.Stablecoins and digital assets are financial innovations that require encouragement for breakthroughs, but at the same time, safety must be ensured, and mechanisms must be in place to prevent money laundering, thus appropriate regulations are necessary. The benefits of stablecoins include decentralization and high efficiency, but they are merely a payment tool, not an investment tool.

Web3 wallet Zerion announced on the X platform that it has discovered abnormal activity on the platform, reminding users to temporarily refrain from using the web application services. Related services have been temporarily taken offline, but the iOS and Android applications, as well as the web extension, are safe. User funds within the wallet have not been affected, and the situation is being actively monitored. Users will be notified separately once the web application is restored.

According to monitoring by Hyperinsight, the "Silver Iron Head Air Force" whale today reduced its position by approximately $11.4484 million in ETH short positions (6,100 units), realizing a small profit. Currently, it still holds about 5,126 ETH short positions, valued at approximately $11 million, with an entry average price of $2,237.4 and a liquidation price of $3,079.42. It is reported that this whale has been continuously increasing its short position since opening an ETH short with 20x leverage on April 1, and has set up short limit orders, with the position size once exceeding 10,000 ETH, valued at over $20 million.This whale does not hold a single-direction position but is engaging in swing trading: currently, it has set up 5,126.93 ETH long positions in the $2,180--$2,200 range, while also setting up 10,869.56 ETH short positions in the $2,260--$2,340 range.

According to Jinshi reports, "Fed mouthpiece" Nick Timiraos wrote that 178,000 new jobs were added in March, reversing the significant decline in February. The unemployment rate also dropped to 4.3%.However, some details are not very optimistic, as wage growth for ordinary workers has slowed to the lowest year-on-year growth rate in five years since the pandemic recovery. Averaging these two volatile months reveals a clearer underlying trend: an average of only 22,500 new jobs per month. Two years ago, adding 22,500 jobs per month would have raised alarms; today, such a level may still be considered acceptable.Federal Reserve officials are still trying to explain this change. San Francisco Fed President Mary Daly wrote on Friday, "It is not easy for the public to understand that zero job growth can still be consistent with full employment." This situation is particularly fragile in the face of new supply shocks. If the war in Iran continues, high fuel costs or commodity shortages could squeeze businesses and consumers, leaving the labor market without a buffer to absorb the shocks. Meanwhile, concerns about inflation may weaken the certainty of interest rate cuts, further limiting the Fed's policy space.

According to a report by Jinshi Data, the General Office of the Ministry of Industry and Information Technology has issued a notice on launching a special action to empower the development of small and medium-sized enterprises (SMEs) through inclusive computing power, mentioning the innovative service model of computing power.Improve the SME section of the China Computing Power Platform, the computing resource docking section of the China SME Service Network, and the national computing internet service node section (hereinafter collectively referred to as the SME platform section), to promote the precise matching of SME demand and computing resource supply, and implement flexible payment models such as "card time," "calculated time," and Token billing.Explore innovative businesses such as "computing power banks" and "computing power supermarkets," supporting SMEs to deposit idle computing resources and achieve flexible use through cross-regional and cross-cycle scheduling. Implement an artificial intelligence SME entrepreneurship support plan, encouraging local relevant departments to subsidize "computing power vouchers," "storage vouchers," and "transportation vouchers" to SMEs that meet industrial orientation through the SME platform section, simplifying the acquisition and usage process.

Slow Fog has once again issued a security reminder stating to pay attention to checking for malicious versions of axios and the exposure risk of OpenClaw npm global installation history. [email protected] and [email protected] have been confirmed as malicious versions, both of which have injected the dependency [email protected], delivering cross-platform malicious payloads through the postinstall script.The impact of OpenClaw is assessed based on scenarios: source code builds are not affected, as the locked versions in the lock file are 1.13.5/1.13.6; however, users who installed via npm install -g [email protected] face historical exposure risks due to the presence of optionalDependencies.axios@^1.7.4 in the dependency chain, which may resolve to [email protected] during the time window when the malicious version is still online. Currently, npm has reverted the resolution to [email protected], but environments that were installed during the attack window are still advised to be checked. Slow Fog has provided inspection commands and IoC paths for various platforms; if the plain-crypto-js directory is found, even if the package.json has been cleaned, it should still be regarded as high-risk execution traces. It is recommended that affected hosts immediately rotate credentials and conduct host-side inspections. Previously, Slow Fog founder Yu Xian reminded that OpenClaw version 3.28 may introduce a toxic version of axios, and users need to urgently check.

Slow Fog founder Yu Xian issued a security reminder stating: We are fairly certain that if the user's OpenClaw is the latest version 3.28, it may introduce a poisoned axios, please be cautious in your checks.In addition, related Skills may also rely on axios, leading to indirect poisoning. Due to the widespread use of axios, a comprehensive check can be conducted under certain conditions.

According to GoPlus Security, a piece of malware named Infiniti Stealer is targeting Mac users' cryptocurrency wallets and sensitive credentials through a "ClickFix" social engineering attack method.The attackers forge a highly realistic Cloudflare CAPTCHA page to lure users into opening the terminal and manually pasting malicious commands. After executing the command, the script removes the macOS quarantine attribute and silently writes subsequent payloads to the /tmp directory. The final payload is a native macOS binary compiled with Nuitka, significantly increasing the difficulty of detection by security tools. Once deployed, Infiniti Stealer can steal Chromium / Firefox browser credentials, macOS Keychain, cryptocurrency wallets, and developer key files (such as .env files), and it has sandbox detection and delayed execution capabilities to evade tracking.

According to a security alert released by GoPlus Security, Silverfort security researchers discovered a serious vulnerability in OpenClaw's skill repository ClawHub. Attackers can bypass all protective mechanisms by calling the internal function downloads:increment, allowing them to inflate the download count to over 20,000 in just a few minutes with a single curl request, thereby pushing malicious skills to the top of search rankings and enticing users or AI Agents to install them automatically.Once the malicious skill is running, it can steal sensitive data such as cryptocurrency wallets and API keys. The vulnerability has been patched within 24 hours. GoPlus advises users that a high download count does not equal safety and recommends using AgentGuard for security scanning and protection.

According to community feedback, the X platform is currently gradually returning to normal. According to Downdetector records, there have been 5 significant outages/wide-scale interruption events on the platform in the past 3 months.

X is suspected to be malfunctioning and is temporarily unable to display tweets.

According to Slow Fog monitoring, the Apifox desktop client has encountered a supply chain attack, with front-end script files hosted on its official CDN being injected with highly obfuscated malicious JavaScript code.Affected users may face risks such as credential theft, sensitive data leakage, and remote command execution, with the malicious code executing automatically and being highly concealed. Slow Fog recommends that users immediately revoke all Tokens, reset passwords, log out and log back in to invalidate sessions, block the *.apifox.it.com domain, clear local storage, and review API logs and abnormal activities.

According to monitoring by Hyperinsight, a whale opened a short position of 176 BTC (worth about $12.4827 million) with 40x leverage 19 minutes ago, quickly switching to a long position after a small loss of $7,000, opening a long position of 190 BTC (about $13 million) at the same leverage.The average opening price was $70,963.6, and the liquidation price was $67,599. This whale has frequently opened high-leverage BTC contracts and has recently incurred an overall loss of about $8.5 million in the account.

According to Jinshi reports, ECB board member Vujicic stated that if interest rate hikes are necessary, it is best to start with small adjustments.

Regarding the rumors that the Resolv Labs stablecoin security incident has a significant impact on Morpho, Morpho co-founder Paul Frambot clarified in a post on X that this incident has indeed affected USR and related assets (such as RPL), and has impacted the lending market that uses them as collateral. However, among the approximately 500 Morpho Vaults with deposits exceeding $10,000, only about 15 vaults have significant exposure to the related market (over $10,000). The affected vaults are primarily positioned as high-risk strategies, using long-tail collateral assets, while other vaults that do not have related exposure (including low-risk Prime Vaults) have not been affected.Paul Frambot advised users to continue to pay attention to communications and updates from Resolv Labs and related Curators to get the latest developments on specific vault risk exposures.