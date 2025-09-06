2025-09-09 Tuesday

Coinbase’s Go-To AI Coding Tool Found Vulnerable to ‘CopyPasta’ Exploit

A new exploit targeting AI coding assistants has raised alarms across the developer community, opening companies such as crypto exchange Coinbase to the risk of potential attacks if extensive safeguards aren’t in place.Cybersecurity firm HiddenLayer disclosed Thursday that attackers can weaponize a so-called “CopyPasta License Attack” to inject hidden instructions into common developer files.The exploit primarily affects Cursor, an AI-powered coding tool that Coinbase engineers said in August was among the team's AI tools. Cursor is said to have been used by “every Coinbase engineer.”How the attack worksThe technique takes advantage of how AI coding assistants treat licensing files as authoritative instructions. By embedding malicious payloads in hidden markdown comments within files such as LICENSE.txt, the exploit convinces the model that these instructions must be preserved and replicated across every file it touches. Once the AI accepts the “license” as legitimate, it automatically propagates the injected code into new or edited files, spreading without direct user input. This approach sidesteps traditional malware detection because the malicious commands are disguised as harmless documentation, allowing the virus to spread through an entire codebase without a developer’s knowledge.In its report, HiddenLayer researchers demonstrated how Cursor could be tricked into adding backdoors, siphoning sensitive data, or running resource-draining commands — all disguised inside seemingly innocuous project files.“Injected code could stage a backdoor, silently exfiltrate sensitive data or manipulate critical files,” the firm said.Coinbase CEO Brian Armstrong said on Thursday that AI had written up to 40% of the exchange’s code, with a goal of reaching 50% by next month.However, Armstrong clarified that AI-assisted coding at Coinbase is concentrated in user interface and non-sensitive backends, with “complex and system-critical systems” adopting more slowly.'Potentially malicious'Even so, the optics of a virus targeting Coinbase’s preferred tool amplified industry criticism.AI prompt injections are not new, but the CopyPasta method advances the threat model by enabling semi-autonomous spread. Instead of targeting a single user, infected files become vectors that compromise every other AI agent that reads them, creating a chain reaction across repositories.Compared to earlier AI “worm” concepts like Morris II, which hijacked email agents to spam or exfiltrate data, CopyPasta is more insidious because it leverages trusted developer workflows. Instead of requiring user approval or interaction, it embeds itself in files that every coding agent naturally references.Where Morris II fell short due to human checks on email activity, CopyPasta thrives by hiding inside documentation that developers rarely scrutinize.Security teams are now urging organizations to scan files for hidden comments and review all AI-generated changes manually.“All untrusted data entering LLM contexts should be treated as potentially malicious,” HiddenLayer warned, calling for systematic detection before prompt-based attacks scale further.(CoinDesk has reached out to Coinbase for comments on the attack vector.)
Coinstats2025/09/06 12:30
3 Fresh Wallets Buy $148.8M Ethereum – Signs Of Silent Stacking

The post 3 Fresh Wallets Buy $148.8M Ethereum – Signs Of Silent Stacking appeared on BitcoinEthereumNews.com. 3 Fresh Wallets Buy $148.8M Ethereum – Signs Of Silent Stacking | Bitcoinist.com Sign Up for Our Newsletter! For updates and exclusive offers enter your email. Sebastian’s journey into the world of crypto began four years ago, driven by a fascination with the potential of blockchain technology to revolutionize financial systems. His initial exploration focused on understanding the intricacies of various crypto projects, particularly those focused on building innovative financial solutions. Through countless hours of research and learning, Sebastian developed a deep understanding of the underlying technologies, market dynamics, and potential applications of cryptocurrencies. As his knowledge grew, Sebastian felt compelled to share his insights with others. He began actively contributing to online discussions on platforms like X and LinkedIn, focusing on fintech and crypto-related content. His goal was to expose valuable trends and insights to a wider audience, fostering a deeper understanding of the rapidly evolving crypto landscape. Sebastian’s contributions quickly gained recognition, and he became a trusted voice in the online crypto community. To further enhance his expertise, Sebastian pursued a UC Berkeley Fintech: Frameworks, Applications, and Strategies certification. This rigorous program equipped him with valuable skills and knowledge regarding Financial Technology, bridging the gap between traditional finance (TradFi) and decentralized finance (DeFi). The certification deepened his understanding of the broader financial landscape and its intersection with blockchain technology. Sebastian’s passion for finance and writing is evident in his work. He enjoys delving into financial research, analyzing market trends, and exploring the latest developments in the crypto space. In his spare time, Sebastian can often be found immersed in charts, studying 10-K forms, or engaging in thought-provoking discussions about the future of finance. Sebastian’s journey…
BitcoinEthereumNews2025/09/06 12:24
Solana Co-founder Highlights Network’s Transaction Dominance Over Ethereum

The post Solana Co-founder Highlights Network’s Transaction Dominance Over Ethereum appeared on BitcoinEthereumNews.com. News Solana hit 2.9B transactions in August, surpassing Ethereum’s lifetime total. Network posted $148M in app revenue and 83M active addresses in one month. 843K tokens launched, 357 projects hit $1M+ valuation, showing ecosystem growth. Solana co-founder Anatoly Yakovenko has published metrics defending the blockchain’s performance amid ongoing criticism about its transaction reporting methods. Yakovenko’s social media post addresses skeptics who question the legitimacy of Solana’s usage statistics and economic activity measurements. The SOL co-founder emphasized the network’s high-throughput capabilities as a key advantage for processing large transaction volumes. Yakovenko used the fact that Solana processed 2.9 billion transactions in August 2025 to refute claims regarding the true usefulness and uptake of the blockchain. Transaction Volume Comparison Favors Solana The comparison between Solana and Ethereum reveals stark differences in transaction processing capabilities. While Solana achieved 2.9 billion transactions in a single month, Ethereum has only reached the same total transaction count across its entire operational history since launching in 2015. This disparity illustrates the throughput advantages that newer blockchain architectures can provide compared to established networks. Ethereum’s lower transaction capacity stems from its original design priorities, which emphasized security and decentralization over raw processing speed. Yakovenko referenced official SOL data showing the network generated $148 million in application revenue during August. This figure represents a 92% increase compared to 2024 performance metrics, positioning Solana ahead of competing blockchain networks in terms of revenue generation. The network also recorded 83 million active addresses, doubling the previous year’s count. This growth in user adoption supports arguments about Solana’s expanding ecosystem and increasing mainstream appeal among cryptocurrency users. Token creation activity on SOL reached 843,000 new launches during the month, with 357 projects achieving valuations exceeding $1 million. These figures indicate healthy developer activity and investor interest in Solana-based applications and assets. Yakovenko’s…
BitcoinEthereumNews2025/09/06 12:22
MyStonks and Oracle Project APRO reached a strategic cooperation in the RWA field

PANews reported on September 6th that MyStonks, a decentralized trading platform for US stock tokens, officially announced a strategic partnership with the oracle project APRO. The two parties will collaborate on in-depth data collaboration in the decentralized asset management (RWA) sector. APRO is a professional oracle service provider, providing verifiable data for DeFi, RWA, and artificial intelligence (AI). APRO ranks sixth in TVS in the DeFi sector and has integrated over 30 blockchains. In the RWA sector, it provides accurate, manipulation-resistant data on US Treasuries, stocks, and commodities. In the AI sector, it has partnered with over 20 AI agents and supports mainstream frameworks such as DeepSeek and ElizaOS. MyStonks has listed over 185 US stock tokens, with cumulative RWA trading volume exceeding $1.45 billion and over 40,000 users. This partnership will provide better underlying support for MyStonks' asset pricing mechanism, further optimize trading risk control, and strengthen the platform's decentralized trading operations.
PANews2025/09/06 12:13
German Authorities Miss $5B Bitcoin Linked to Movie2K

Detail: https://coincu.com/news/german-movie2k-bitcoin-unseized/
Coinstats2025/09/06 12:12
Why Bitcoin May Not Peak in Q4 2025 Despite Historical Trends

Traders expecting Bitcoin (BTC) to reach its cycle-high by the end of 2025 may be relying on flawed statistical assumptions, according to a leading crypto analyst. In a post on X (formerly Twitter) on Friday, analyst PlanC argued that predictions of a Q4 price peak are misguided. “Anyone who thinks Bitcoin has to peak in […]
Coinstats2025/09/06 12:10
Tokenization Is ‘Mutual Fund 3.0,’ Bank of America (BAC) Says

The post Tokenization Is ‘Mutual Fund 3.0,’ Bank of America (BAC) Says appeared on BitcoinEthereumNews.com. Bank of America (BAC) sees tokenization, the creation of a virtual investment vehicle on the blockchain linked to a tangible asset, as the next phase in the evolution of investment products, describing it as “mutual fund 3.0,” the Wall Street bank said in a Friday report. Just as mutual funds first emerged in 1924 and exchange-traded funds (ETFs) reshaped investing in the 2000s, blockchain technology could underpin a new generation of financial vehicles, analysts led by Craig Siegenthaler wrote. Real-world asset (RWA) tokenization is advancing quickly. The bank noted that firms like Securitize are working with managers including BlackRock (BLK), Apollo, KKR and Hamilton Lane to issue tokenized funds. Asset manager WisdomTree (WT) built its own tokenization engine, giving it the ability to offer more than a dozen tokenized funds. According to data provider RWA.xyz the value of real-word assets represented on-chain exceeds $28 billion, largely in private credit and Treasuries. Still, regulation remains a headwind. The GENIUS and Clarity Acts address stablecoins, but leave many questions about tokenized funds unresolved. Still, the bank argues, the advantages of tokenization will drive adoption over time despite limited access for U.S. investors today. The case for tokenized equities is weaker because U.S. brokers already offer commission-free stock and exchange-traded fund (ETF) trading after Robinhood’s (HOOD) disruption in 2019, the analysts wrote. That shift pushed firms toward monetizing client cash and order flow, making tokenized versions of these assets less compelling, the bank’s analysts said. But tokenized money market funds, powered by smart contracts, could upend those cash sweep economics and open new revenue models. Distribution is still the bottleneck. Platforms offering tokenized funds remain rare, though online brokers like Robinhood, Public and eToro (ETOR) are well positioned given their crypto businesses and younger, self-custody-oriented client bases. Coinbase (COIN) may also emerge as…
BitcoinEthereumNews2025/09/06 12:09
Justin Bieber Builds On ‘Swag’ Album With Quick Follow-Up ‘Swag II’

The post Justin Bieber Builds On ‘Swag’ Album With Quick Follow-Up ‘Swag II’ appeared on BitcoinEthereumNews.com. Justin Bieber NBCU Photo Bank via Getty Images Justin Bieber has wasted little time in sharing new music following the release of his album Swag in July. The Grammy-winning hitmaker has released Swag II, a surprise follow-up to his previous LP that spawned top-20 singles like “Daisies” and “Yukon.” The Swag II reissue, boasting 23 tracks on top of the first 21, arrives two weeks after Bieber marked the first birthday of his child, Jack Blues Bieber, with wife Hailey Bieber. On the new project, Bieber continues to open up about his personal life – namely, his marriage and speculation about substance abuse – with the help of star producers like Mike Will Made It and Mk.gee. “They try to say I’m out of my mind / But now they singing every line,” Bieber sings on opening track “Speed Demon.” “I got a lot of mountains to climb / Had to leave some beggars behind / And there’s something that’s stronger than me / That’s paving me a new lane and giving me an energy / And there’s something in the way she made me certain I’m enough / Everyday she put the loving on me / And all the people that be doubting on me / They gave me witness my redemption, now they up on my seat.” Bieber similarly shares his appreciation for and commitment to his wife on tracks like “I Do,” “Mother in You,” “Don’t Wanna,” and Tems collab “I Think You’re Special.” “I do / I mean it when I say that I do / Nobody gets to touch you / I do / You’ll always be the one that I choose,” he croons on “I Do,” adding, “[I’ve] never loved you more than I do right now.” It remains to be seen whether Bieber…
BitcoinEthereumNews2025/09/06 12:08
Brazil's largest private asset manager, Itaú Asset, has launched a dedicated cryptocurrency division.

PANews reported on September 6th that, according to Cointelegraph, Itaú Asset Management, Brazil's largest private asset management firm, has established a dedicated cryptocurrency division and appointed former Hashdex executive João Marco Braga da Cunha to lead it. The division builds on Itaú Asset's existing cryptocurrency products, including the bank's Bitcoin ETF and a retirement fund offering digital asset investments. Itaú Asset manages over 1 trillion reais (US$185 billion) in assets for its clients. “The cryptoasset space has unique characteristics for generating alpha. It’s a relatively new market and its volatility creates huge opportunities,” said Cunha, who previously served as director of portfolio management at Hashdex, one of the first cryptocurrency ETF owners in Brazil.
PANews2025/09/06 12:07
$5,940,000,000 XRP Activity Surge Shocks Market as Price Flips Direction

The post $5,940,000,000 XRP Activity Surge Shocks Market as Price Flips Direction appeared on BitcoinEthereumNews.com. The crypto market saw whipsaw price action in the early Friday session, with various crypto assets seeing a surge in trading activity. XRP likewise saw its volume rise as much as 44% to reach $6.57 billion, according to CoinMarketCap data. XRP Volume, Courtesy: CoinMarketCap The broader crypto market rose in response to a weaker jobs report released Friday, which seemed to boost the potential of a rate cut in the upcoming Fed meeting scheduled for September. You Might Also Like Cryptocurrencies returned to green afterward, but the rise was shortlived, followed by a drop. At press time, XRP was down 0.85% in the last 24 hours to $2.80 after reaching an intraday high of $2.88. XRP news CME futures recently gave a recap of August growth, which saw a record $36 billion in OI for Crypto futures and options. XRP stole the spotlight as it reached an all-time high in open interest as institutional activity expanded beyond Bitcoin. You Might Also Like Ripple CEO Brad Garlinghouse took to X to highlight the recent milestone, noting XRP’s impressive surge in open interest: “Per CMEGroup data, XRP Futures contracts were the fastest-ever (just over 3 months) to hit $1B in open interest.” This week, the credentials amendment was activated on the XRP Ledger mainnet. Credentials (XLS-70) are designed to be a lightweight feature additive to the DID standard and are a framework for issuing, managing and verifying user credentials directly on the XRP Ledger. This standard introduces a new “Credential” ledger object along with new transaction types for creating, accepting and deleting credentials. Source: https://u.today/5940000000-xrp-activity-surge-shocks-market-as-price-flips-direction
BitcoinEthereumNews2025/09/06 12:06
