supply

According to on-chain analyst Ai Yi's monitoring, Hex Trust's affiliated entities have accumulated 72.23 million H tokens in the past 4 hours, accounting for 2.55% of the circulating supply. Its foundation made significant adjustments in April regarding the H token allocation for early investors, either extending the unlocking period or issuing the full amount of tokens at a 70% discount in a one-time distribution on June 26. Hex Trust is one of its strategic investors, and it is still unclear whether this asset transfer is related to the upcoming unlocking.

According to SlowMist monitoring, a new type of Rust supply chain malware activity named IronWorm is attacking developer environments and the Web3 ecosystem through malicious npm packages. Potential attack behaviors include credential theft, wallet mnemonic and password theft, GitHub repository tampering, malicious package publishing, CI/CD secret leakage, Tor-based command control, and eBPF rootkit stealth.Security teams should audit the repository for backtracked commits, suspicious branches, unexpected build hooks, and commits from automated identities such as claude, dependabot, renovate, or github-actions. It is recommended to remove or deprecate affected package versions, publish clean versions, rotate all leaked keys and tokens, review GitHub Actions artifacts, and rebuild potentially compromised development or CI systems from clean images.

CryptoQuant analyst Darkfost posted on the X platform that Bitcoin fell 12.5% in the past week, and the proportion of profitable supply has dropped to 55%, which is significantly low. Historically, bear markets have pushed this indicator below 50%, indicating that unrealized losses dominate the market. In February of this year, this indicator reached 53%, and at the current rate, the 50% threshold is about to be breached. Darkfost stated that while this is a bearish signal in the short term, such periods have historically been profit opportunities for long-term investors.

At the annual shareholder meeting held in Hsinchu, TSMC Chairman and CEO C.C. Wei stated that the global chip supply will still be unable to meet the surge in AI demand in the coming years. Even though TSMC is expanding its capacity in the United States, it will be difficult to fully meet the needs of American customers, and achieving a balance between supply and demand will take a long time.C.C. Wei reiterated that TSMC's sales are still expected to grow by more than 30% this year. The company's capital expenditure is expected to approach the upper limit of $56 billion this year, while global major hyperscale cloud service providers are expected to spend $725 billion in the AI sector. Affected by Broadcom's performance outlook, TSMC's stock price in Taipei fell slightly by 1%, but the cumulative increase over the past three years has exceeded four times. C.C. Wei also stated that the average bonus for employees will increase by more than 30% this year.

SlowMist has issued a security alert, detecting an active npm supply chain attack targeting @redhat-cloud-services related packages. Currently, over 31 packages have been confirmed affected, with a weekly download volume of approximately 116,000 times, and stolen credentials exist in more than 300 GitHub repositories. This attack method is highly similar to the previous "Shai-Hulud" npm attack, including credential theft, creation of malicious repositories, and automated secret leakage. New suspicious repositories continue to emerge, indicating that the attack is still ongoing, and developers are still being continuously infected.Potential harms include: theft of GitHub/npm tokens, leakage of AWS/GCP/Azure cloud credentials, collection of SSH keys and Kubernetes secrets, leakage of local environment and wallet data, creation of malicious repositories and persistence operations, and even potentially destructive actions after tokens are revoked. It is recommended to immediately remove or downgrade affected @redhat-cloud-services package versions, conduct a comprehensive audit of CI/CD workflows and dependency installations, rotate all GitHub, npm, cloud service, SSH, and wallet-related keys, retain logs, and rebuild exposed developer machines or Runners from clean images while maintaining a high level of vigilance.

According to data from Dune Analytics, the payment-specific Layer 1 blockchain Tempo, incubated by Stripe, has processed 3.9 million transactions across 177,000 addresses since its mainnet launch on March 18. Its native TIP-20 stablecoin standard currently supports a circulating supply of over $25 million, covering multiple issuers and yield-bearing token variants. The TIP-20 standard is implemented through precompiled contracts rather than ERC-20 contracts, making the stablecoin native to the Tempo protocol, allowing issuers to utilize programmable strategies including transfer rules, whitelists, and fee logic.The distribution of stablecoin supply spans multiple issuers, with pathUSD leading at $8.2 million, followed by USDB, USDT0, and USDC.e and EURC.e bridged through Stargate, each holding between $4.5 million and $5.5 million in circulation. The Tempo architecture supports direct payment of Gas fees in stablecoins, eliminating the need for a native token. Tempo has been fully indexed by Dune Analytics, allowing for direct comparison with stablecoin data from major blockchains such as Tron, Solana, and Ethereum.

According to The Block, based on the latest official documentation, Tether's USAT supply has increased by nearly 540% month-on-month, rising from approximately 22 million in March to over 140 million in April, with the total reserve balance also increasing to about 141 million USD, which means that the reserve surplus is approximately 327,000 USD relative to the circulating token quantity.Tether CEO Paolo Ardoino stated that the adoption of regulated digital dollars is accelerating, and as stablecoin regulations become clearer, institutions will seek digital dollars that combine scale, regulated issuance, and transparent reserve reporting. USAT was launched in January, aiming to comply with the requirements of the GENIUS Act, marking Tether's attempt to enter the U.S. regulatory framework.

According to Cointelegraph, the current amount of staked Ethereum has reached a historic high of 39.2 million coins, accounting for 32.19% of the total supply, with an additional 3.3 million coins waiting to enter the staking queue.

According to BBX data, yesterday (May 26), the largest publicly traded company holding Ethereum announced the latest SEC filing, with Strive's weekly increase of 1,109 coins maintaining a steady pace, and the SATA financing flywheel continuing to operate. The core dynamics are as follows:Bitmine Immersion Technologies, Inc. (NYSE: $BMNR) submitted Form 8-K to the SEC on May 26, disclosing that as of that date, the company's ETH holdings reached 5.39 million coins (accounting for 4.47% of the total ETH circulation, with a target of 5%, currently completed 89%), with a total of approximately $12.3 billion in combined crypto assets, cash, and strategic equity investments; among which 4,712,917 ETH has been staked (valued at approximately $10.1 billion at $2,134 per coin), with a 7-day staking annualized yield of 2.75%, and an estimated annualized income of approximately $276 million based on full staking; the company's self-operated validation node platform MAVAN has also opened staking services to external institutions. Chairman Tom Lee pointed out in a statement that if the ETH closing price in May is above $2,100, it will be the first time there has been a positive monthly close for three consecutive months, "which has never happened in a crypto bear market." The average daily trading volume of $BMNR over the past 5 days is approximately $572 million, making it the 193rd most actively traded stock in the U.S.Strive, Inc. (NASDAQ: ASST) disclosed in its 8-K on May 26 the asset changes from May 18-22: BTC holdings increased from 15,391 coins to 16,500 coins (a net increase of 1,109 coins), cash increased from $87.3M to $93.3M (+$6M), and STRC holdings increased from $49.8M to $50.1M; during the same period, Class A common stock increased by approximately 2.23 million shares (conversion of SATA preferred stock), and the total amount of SATA preferred stock increased by approximately 515,000 shares. Strive uses the issuance of SATA preferred stock as its main financing tool, continuing the systematic accumulation of BTC; the BTC yield from 2026 to date is approximately 18.4% (as of May 19).

According to Slow Fog's disclosure, the security agency MistEye detected a cross-registry supply chain attack incident, where attackers targeted developers in the fields of cryptocurrency, DeFi, Solana, Sui/Move, and AI by publishing malicious packages on npm, PyPI, and crates.io. This attack activity includes more than 34 malicious packages and over 384 related versions. The attackers may steal cryptocurrency wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, environment variables, and developers' confidential information.Some of the malicious payloads also attempted to achieve persistence through .cursorrules, CLAUDE.md, Git hooks, shell hooks, cron, systemd, and SSH. Developers are advised to immediately remove the affected packages, isolate the affected systems, retain logs, rotate exposed credentials, rebuild CI environments and developer machines from clean images, and review GitHub, cloud services, SSH, and wallet activity logs.

According to on-chain analyst Yu Jin's monitoring, 7 hours ago, two wallet addresses withdrew 111 million SAHARA (3.81 million USD) from Binance and Bitget, accounting for 3.4% of the circulating supply of SAHARA. It is reported that the project just announced the launch of SAHARA staking three days ago.

According to data from Artemis, the USDC holdings on the Coinbase platform have surged to a historic high of $19 billion, accounting for 25.3% of the total USDC supply. Compared to less than 5% at the beginning of 2023, this share has achieved remarkable growth over three years. As the platform can earn interest income from USDC reserves, the continuous expansion of holdings will further enhance Coinbase's revenue-generating capacity in its financial reports.

According to crypto analyst Yu Jin @EmberCN, about 7 hours ago, a batch of addresses suspected to belong to Polychain unlocked and redeemed 122 million EIGEN from the EigenCloud (formerly EigenLayer) staking contract, worth approximately 23.88 million USD, accounting for 16.5% of the current circulating supply of EIGEN.Currently, the related EIGEN remains in the addresses and has not been further transferred. Yu Jin stated that this batch of tokens comes from the investment allocation for 2024, and Polychain was one of the early leading investors in EigenCloud.

According to data from DefiLlama, the supply of stablecoins has reached a historic high, exceeding $32.3 billion.

According to the threat intelligence released by Slow Fog, several high-frequency npm packages including AntV and Echarts-for-react, as well as the Python SDK durabletask, have recently been targeted by the Mini Shai-Hulud "mini sandworm" supply chain attack. The npm account atool was compromised, and the attacker automatically published 637 malicious versions within 22 minutes, affecting 317 packages. The attacker continuously uploaded durabletask versions 1.4.1, 1.4.2, and 1.4.3 within 35 minutes, bypassing normal release controls and impersonating an official Microsoft release.The large-scale leak of GitHub tokens and the ransomware attack on Grafana Labs are likely related to this supply chain attack. Affected components include high-frequency components such as AntV and Echarts-for-react in the npm ecosystem, as well as Python packages durabletask 1.4.1, 1.4.2, and 1.4.3. Attackers can steal cloud and local credentials, gain unauthorized access to internal repositories and sensitive cloud infrastructure, move laterally to developer machines and CI/CD pipelines, sell and exploit leaked GitHub tokens, and implement ransom and data leak threats.Slow Fog recommends immediately rotating all exposed credentials, replacing affected packages, isolating potentially infected systems, and implementing strict dependency review policies. Previously, it was reported that the "mini sandworm" worm had recently completed widespread infection in open-source code repositories, and developers should be vigilant in checking for issues.

According to The Block, the total supply of stablecoins has surpassed $300 billion, but growth has stagnated. Tether's USDT has increased by over $5 billion in the past month, while the supply of USDC, USDe, and PYUSD has collectively decreased by about $4.2 billion during the same period, resulting in a net growth of only about $900 million, equivalent to a total supply growth of 0.3%.The supply of USDe has decreased by 28% in the past month and nearly 34% year-to-date, as its reliance on the funding rate mechanism of perpetual contracts has been compressed following the deleveraging event in October last year. Sky's USDS supply has increased by 48.9% year-to-date, and World Liberty Financial's USD1 supply has increased by 33.7%, absorbing most of the capital rotation. The supply of PYUSD has decreased by 13% in the past month. The issuance of bank-issued and GENIUS Act-compliant stablecoins has proven to be more challenging than expected. Analysts point out that if new issuers want to directly replace USDT's market share, they need to offer higher yields, better distribution channels, or regulatory advantages that USDT cannot match.

According to Bloomberg, the Bank of England is considering an alternative in response to the industry's opposition to the proposed limits on stablecoin holdings. Bank of England Deputy Governor Sarah Breeden stated that the central bank is exploring the possibility of setting a temporary "guardrail" on the total issuance of stablecoins as an alternative option to the existing proposal. This statement indicates that the Bank of England is reassessing its regulatory framework for stablecoins.

Arkham issued a warning regarding the token concentration of the $4 billion market cap crypto project LAB. According to on-chain analysis posted on X, a single entity may control over 90% of the token's supply, with on-chain analyst ZachXBT noting that the internal holding ratio could be as high as 95%.

Binance Research released a chart analysis this week indicating that four on-chain signals point to the same conclusion: supply is tightening, and selling pressure has been exhausted.Long-term dormancy: Nearly 60% of BTC supply has not moved for over a year, significantly higher than 27% in 2012. The dormancy rate peaked at 69.5% when the spot Bitcoin ETF was approved in January 2024 and has since remained close to historical highs.SLRV indicator: The short-term to long-term holder value ratio is deeply entrenched in historical bottom territory, indicating a lack of market sentiment. Long-term holders dominate the supply, while short-term speculators have largely exited. Historically, every cycle bottom has been accompanied by this ratio entering the current region.Exchange balances: Since peaking at 17.6% during the pandemic, exchange balances have dropped to 15%, with approximately 500,000 BTC permanently leaving exchanges, and seller supply has fallen to a six-year low.STH MVRV indicator: Since November 2024, the BTC short-term holder MVRV has mostly remained below 1, gradually exhausting selling pressure. Currently, this ratio has rebounded to 1, and short-term holders are beginning to reaccumulate unrealized gains. As profit accumulation is still in its early stages, a new wave of selling pressure is unlikely to emerge immediately; historically, this pattern often appears before a sustained recovery.