omise

According to crypto journalist Eleanor Terrett, the final text of the compromise on Section 702 of the Foreign Intelligence Surveillance Act (FISA), proposed by Senate Intelligence Committee Chairman Tom Cotton, includes a Federal Reserve CBDC ban that was originally part of the housing bill. This text is expected to ultimately become law. Notably, the termination date of the ban has been moved up from December 31, 2030, to June 12, 2029.

According to The Block, Gnosis co-founder and CEO Martin Koppelmann confirmed that the Zodiac delay module related to Gnosis Pay is currently under exploitation. Attackers can initiate transactions from Safe wallets that integrate this module, and Gnosis has requested cross-chain bridge validators to pause to control the risk.Koppelmann stated that Gnosis will cover all user losses and will remove the previous announcement urging users to urgently withdraw EURe and GNO, noting that most users are unable to withdraw their tokens independently. The team is working to control most of the losses and ensure that all users receive full compensation. Gnosis emphasized that the vulnerability is within the Gnosis Pay system, and the core contracts of Safe are unaffected.

GitHub has updated the details of the investigation into the unauthorized access incident of its internal repositories: GitHub detected and contained an incident yesterday involving an employee's device being compromised, which involved a maliciously implanted VS Code extension. GitHub removed the malicious extension, isolated the affected terminals, and immediately initiated an incident response. Current assessments show that only GitHub's internal repositories experienced data exfiltration, and the approximately 3,800 repositories claimed by the attackers are roughly consistent with the investigation results. GitHub has prioritized rotating critical credentials, is analyzing logs, verifying credential rotations, and monitoring subsequent activities, with a complete report to be released after the investigation is concluded.Additionally, Slow Mist's Chief Information Security Officer 23pds commented on this incident, stating: "By analyzing leaks from cybercrime forums, hackers may have used Anthropic's Mythos security AI to precisely breach GitHub's defenses and steal information from about 4,000 core internal repositories: including the source code for Copilot, the algorithms for CodeQL, the Actions runtime, and the entire billing system. Further analysis of this code could lead to subsequent attacks, having a profound security impact on the integration of the open-source community."

Echo Protocol announced that its eBTC deployment on Monad experienced unauthorized activity, resulting in abnormal minting and financial losses. Preliminary investigations indicate that the issue stemmed from the compromise of the administrator keys related to the Monad deployment, with approximately $816,000 in assets currently confirmed to be affected.Echo stated that the Monad network itself was not affected and continues to operate normally. The team has regained control of the administrator keys and has destroyed the remaining 955 eBTC held by the attacker. The project further clarified: the current incident appears to be limited to the Monad deployment; there is no evidence to suggest that the Aptos side has been affected; aBTC on Aptos and eBTC on Monad are independent, non-bridgeable assets; the current related risk exposure on Aptos is approximately $71,000.As an additional precaution, Echo has suspended the cross-chain functionality of the Monad deployment and has begun upgrading the related EVM bridging contracts and permission control mechanisms, while reminding users not to interact with any unofficial claims, refund, or recovery pages.

Bernstein stated in its latest research report that the recently reached compromise on stablecoin yield in the U.S. CLARITY Act is structurally beneficial for Circle and the USDC ecosystem.The report indicates that the current version of the bill prohibits stablecoin issuers from paying interest to passive holders that is "economically equivalent" to bank deposits, but allows reward mechanisms related to real transactions, payments, and usage behaviors to continue. Bernstein believes this means that Circle's current model, which relies on partners like Coinbase to provide USDC reward programs, will gain regulatory recognition, while also limiting the industry's ability to compete for market share through high yields.Bernstein pointed out that the bill actually reinforces the positioning of stablecoins as "payment tools" rather than "deposit substitutes," which helps protect Circle's current business model that relies on reserve income. It continues to give Circle an "outperform" rating and a target price of $190.Data shows that the total supply of global dollar stablecoins has surpassed $300 billion, with USDT and USDC together accounting for about 97% of the market share. Bernstein noted that USDC's share in on-chain payments and wallet transfers is continuously increasing, with its payment share in the AI Agent payment protocol x402 exceeding 99%.Additionally, Bernstein mentioned that Circle's launched ARC chain has completed a total of 244 million testnet transactions, and its ARC token presale previously raised $222 million, with investors including a16z crypto, Apollo Funds, ARK Invest, and BlackRock among others.However, the report also pointed out that the CLARITY Act still needs to complete several legislative procedures before it can officially take effect, including a full Senate vote with 60 votes and coordination with the House version. Polymarket currently predicts a probability of about 62% for it to pass by 2026.

The Chief Information Security Officer of Slow Fog, 23pds, disclosed on platform X that node-ipc has been compromised again. The released three malicious versions of node-ipc (9.1.6, 9.2.3, 12.1) carry the same credential-stealing payload, with the package being downloaded over 10 million times per week.

Crypto journalist Eleanor Terrett disclosed on the X platform that since last Friday, members of the American Bankers Association have sent over 8,000 letters to Senate offices urging lawmakers to amend the stablecoin revenue compromise proposal. Sources say this does not include additional phone lobbying activities.

According to Bloomberg, on the eve of the Senate Banking Committee's upcoming review of the digital asset bill, banking groups are proposing last-minute modifications to the compromise on stablecoin yields, aiming to completely ban stablecoin issuers from offering any form of rewards, rather than the previously allowed model of "users receiving rewards when actively using stablecoins."Six banking lobbying groups, including the American Bankers Association, stated in a letter that the exception clause in the senators' compromise would "harm deposits." The crypto industry quickly countered, with Coinbase Chief Legal Officer Paul Grewal stating on the X platform that the banking industry's proposal is not a "narrow adjustment," but rather aims to "stifle competition." Senators Angela Alsobrooks and Thom Tillis, who previously facilitated the compromise, issued a joint statement disagreeing with the banking industry's position, emphasizing that the compromise also allows crypto companies to offer other forms of customer rewards, and most importantly, provides a bipartisan path for the passage of the CLARITY Act.

After the U.S. Senate reached a compromise on the issue of stablecoin yields, expectations for the advancement of the cryptocurrency market structure bill have significantly improved. Industry insiders say this progress has "significantly boosted market sentiment," and the Senate Banking Committee may advance the review and vote next week.Previously, the probability of the bill passing was only about 20%–30%, but expectations have now risen to about 60%. However, ethical issues surrounding Donald Trump and his connections to cryptocurrency businesses are still seen as a key obstacle. The bill aims to establish a comprehensive regulatory framework at the federal level for the first time and delineate the regulatory authority between the SEC and CFTC.

According to The Block, Coinbase Chief Legal Officer Paul Grewal stated that he is "very confident" that the stablecoin legislation, the Clarity Act, will pass before this summer, and publicly supports the compromise version proposed by Senators Thom Tillis and Angela Alsobrooks.The proposal retains activity-based rewards linked to actual platform usage and limits balance-based idle yield, which banks view as a risk of deposit outflow.Grewal mentioned that banks failed to provide substantial evidence of deposit outflow risk during multiple meetings and warned that if the compromise is rejected, banks will face a more lenient framework under the GENIUS Act, which allows any non-issuer to offer any rewards. Grewal expects the Clarity Act to pass by this summer at the latest.

Fox Business reporter Eleanor Terrett posted on the X platform that U.S. Senators Thom Tillis and Angela Alsobrooks issued a joint statement regarding the compromise proposal on stablecoin earnings in Section 404 of the CLARITY Act. The statement may indicate that the relevant agreement is close to being finalized.The statement said that the two have discussed concerns from various stakeholders about the banking industry's worries regarding deposit outflows, and the related compromise proposal will prohibit stablecoin rewards similar to bank deposit interest while allowing crypto companies to offer other forms of customer rewards.

According to Crypto In America, the U.S. CLARITY Act has reached a key compromise on the yield mechanism for stablecoins, clearing an important obstacle for the Senate Banking Committee to advance its review.Under the latest proposal, crypto companies can offer rewards (such as cashback or membership benefits) based on user transaction behavior, but are prohibited from paying interest yields (APY) on idle stablecoin balances. This compromise means that stablecoins will be explicitly positioned as payment tools, rather than as bank-like deposits or high-yield savings products. The industry generally believes that this provision strikes a balance between the crypto industry and traditional banks, but is overall more favorable to the banking system.Industry organizations, including Coinbase, have renewed their support for the bill, believing that although the yield restrictions have tightened, there is still room to earn rewards based on actual usage scenarios. Some industry insiders have pointed out that this move limits the financial attributes of stablecoins.In terms of the regulatory process, Senate Banking Committee Chairman Tim Scott is expected to schedule a markup of the bill soon, possibly as early as mid-May after Congress reconvenes. Additionally, discussions around DeFi regulation (such as defining developer responsibilities) and ethical provisions are still ongoing and may become important variables affecting the bill's final passage. The market generally believes that the next two weeks will be a critical window for whether the CLARITY Act can be implemented.

U.S. lawmakers have reached an agreement on the stablecoin yield provision, which had previously stalled the Clarity Act in the Senate for months.Senators Tom Tillis and Angela Alsobrooks have finalized the text of the relevant compromise, which stipulates in Section 404 that crypto companies may not offer interest or yields that are economically or functionally equivalent to bank deposits, but allows for activity incentives related to the use of real platforms. Coinbase CEO Brian Armstrong stated that the Senate Banking Committee should be urged to review the bill as soon as possible. This progress may provide the conditions needed to advance the previously stagnant review process.

Coinbase stated that a key disagreement regarding the yield terms for stablecoin holdings has been resolved with traditional banks, clearing the way for the U.S. Senate to advance the cryptocurrency market structure bill.Previously, banks had lobbied to restrict or prohibit exchanges from providing yields to stablecoin holders, mainly concerned about funds flowing out of the banking deposit system. Coinbase's Chief Policy Officer Faryar Shirzad indicated that the final plan, while adding some restrictions, still preserves the space for users to earn rewards through crypto platforms and networks based on actual use cases. This progress is expected to push the "Clarity Act" into the voting process in the Senate Banking Committee, further clarifying the division of responsibilities between the SEC and CFTC in the regulation of crypto assets.

Purrlend announced that it encountered a security incident during the deployment of HyperEVM and MegaETH, resulting in a loss of approximately $1.52 million.The attacker breached the team's 2/3 multi-signature wallet, granting permissions such as BRIDGE_ROLE to a malicious EOA, and minted unbacked pUSDm and pUSDC through mintUnbacked, using them as collateral to borrow assets from the pool. Purrlend stated that it has suspended the protocol, revoked related permissions, and is working with security teams, law enforcement, and cross-chain bridge partners to track and attempt to recover the funds.

According to official news, Syndicate Labs disclosed that its cross-chain bridge contract was maliciously upgraded on two chains due to a private key leak. The attacker transferred and sold approximately 18.5 million SYND (about $330,000) and around $50,000 worth of user tokens. The incident only affected specific chains, while others were not impacted.Syndicate Labs stated that this attack involved multi-stage reconnaissance, infrastructure mapping, and careful execution, demonstrating a high level of technical complexity, and ruled out the involvement of internal personnel. The root cause was that the private key was stored in a password management tool without an additional layer of encryption, and the upgrade process did not utilize multi-signature or hardware signature mechanisms, nor did it have early warning and circuit breaker measures for contract upgrades.Syndicate Labs announced that it will fully compensate all affected users, including returning 18.5 million SYND and providing additional compensation, while also fully compensating affected application chain clients. The company has initiated security upgrade measures, including strengthening private key encryption, tightening access permissions, and plans to introduce hardware or multi-signature mechanisms and upgrade path monitoring to prevent similar incidents from occurring again.

LayerZero Labs announced a commitment to provide over 10,000 ETH to the DeFi United ecological rescue initiative led by Aave. This includes a donation of 5,000 ETH and an additional deposit of 5,000 ETH to enhance Aave market liquidity.

According to The Block, the new governor of the Bank of Korea, Shin Hyun-song, delivered an inaugural speech promising to promote the development of central bank digital currency (CBDC) and deposit tokens, and will expand related applications through the "Han River Project" Phase Two, while participating in global collaborations such as Project Agora to strengthen the position of the Korean won in the global payment system.It is noteworthy that Shin Hyun-song did not mention the Korean won stablecoin in his speech, despite South Korean legislators actively advancing the "Digital Asset Basic Law" to establish a legal framework for stablecoins, with discussions expected to resume after the regional elections on June 3. Previously, during his tenure at the Bank for International Settlements (BIS), Shin held a negative attitude towards stablecoins, believing that stablecoins could not replace currency, but it has been reported that his stance has changed, stating that the Korean won stablecoin should coexist with CBDC.