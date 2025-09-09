2025-09-11 Thursday

Крипто жаңалықтары

Bitcoin Hyper Poised for Breakout: Analysts Call It the Best Crypto to Buy Now

While Bitcoin may not be the best crypto to buy now considering that the apex crypto has retraced from its previous highs, it has inspired a meme coin that could be a big hit in 2025. Known as Bitcoin Hyper, the project adds an element of hype to the traditional Bitcoin narrative by focusing on […]
The Cryptonomist2025/09/09 14:16
OpenAI threatens to ditch California as state politics threaten its for-profit pivot

The post OpenAI threatens to ditch California as state politics threaten its for-profit pivot appeared on BitcoinEthereumNews.com. OpenAI is warning that it might leave California entirely as legal fights and political backlash threaten to kill its restructuring plans. Executives are weighing a possible exit after realizing the state’s attorney general could block the company’s move to become a for-profit operation. The company’s entire future now hinges on getting regulatory approval, or risking losing nearly $19 billion in investor cash. According to reporting from The Wall Street Journal, OpenAI is being targeted by some of California’s biggest nonprofit coalitions, labor unions, and philanthropic groups. These organizations want the attorney general to investigate whether the company’s restructuring would break state charity laws. Attorneys General threaten legal action if restructure proceeds California and Delaware’s attorneys general are both investigating the proposal. They’ve got legal power to sue or demand changes if they believe OpenAI is violating nonprofit law. The office of California’s attorney general is already warning that OpenAI’s current plan may go against its original mission. The state sent a letter raising concerns, especially in light of multiple suicides reported by people who interacted with ChatGPT over extended periods. In the letter, regulators wrote, “The recent deaths are unacceptable. They have rightly shaken the American public’s confidence in OpenAI and this industry.” They told OpenAI that safety must come first. They also made it clear the company’s nonprofit status requires transparency and a public-first approach to AI deployment. Executives inside OpenAI didn’t expect this kind of pushback when they announced the restructure late last year. The intensity of the legal pressure, especially from California, has turned into a real threat. Sam Altman, who co-founded OpenAI in 2015, built the company into an $86 billion AI powerhouse, but now he’s at risk of watching it fall apart over legal technicalities. OpenAI is still run as a for-profit unit under a…
BitcoinEthereumNews2025/09/09 14:15
What Happened in the Billion-Download NPM Supply-Chain Attack of September 2025?

BitcoinWorld What Happened in the Billion-Download NPM Supply-Chain Attack of September 2025? As of September 9, 2025, the JavaScript ecosystem is responding to a major supply-chain attack that compromised the NPM account of the popular developer qix. This compromise led to the publication of malicious versions of dozens of widely-used packages, including chalk, strip-ansi, and color-convert. The combined weekly downloads of the affected packages exceed one billion, making this one of the most significant security incidents in open-source history. Initial Discovery: The attack was first detected through a cryptic build failure in a CI/CD pipeline, specifically a ReferenceError: fetch is not defined. This error occurred because the malware’s attempt to exfiltrate data via a fetch call failed in an older Node.js environment that lacked the global fetch function. Root Cause: The attacker gained control of the qix NPM account, allowing them to publish malicious patch versions of key libraries. Vast Impact: The compromised packages are fundamental building blocks of countless projects, often buried deep within dependency trees. Key affected packages and their approximate weekly downloads include: chalk: ~300 million strip-ansi: ~261 million color-convert: ~193 million color-name: ~191 million is-core-module: ~69 million error-ex: ~47 million simple-swizzle: ~26 million has-ansi: ~12 million   How Does the Crypto-Clipper Malware from the NPM Attack Steal Funds? The malicious code, a sophisticated “crypto-clipper,” is designed to steal cryptocurrency by targeting user transactions and wallet interactions. It operates using a two-pronged strategy:   Passive Address Swapping: The malware “monkey-patches” the browser’s native fetch and XMLHttpRequest functions to intercept all network traffic. It contains a list of attacker-owned wallet addresses for currencies like Bitcoin (BTC), Ethereum (ETH), Solana (SOL), Tron (TRX), Litecoin (LTC), and Bitcoin Cash (BCH). Using the Levenshtein distance algorithm, the script finds the attacker’s address that is typographically most similar to the user’s legitimate one, making the substitution difficult for the human eye to detect. Active Transaction Hijacking: If the malware detects a browser-based wallet like MetaMask by checking for window.ethereum, it hijacks the wallet’s communication methods (request, send). When a user initiates a transaction, the malware modifies the data in memory, replacing the legitimate recipient’s address with a hardcoded attacker’s address. The user then unknowingly signs a fraudulent transaction, redirecting their funds to the attacker. Tracking the Attack: The transparency of blockchains allows for the monitoring of these fraudulent transactions. One of the primary Ethereum addresses used by the attacker is 0xFc4a4858bafef54D1b1d7697bfb5c52F4c166976. A complete list of compromised wallets is available in a public GitHub Gist.   What Immediate Steps Can Developers Take to Protect Their Projects? While NPM and the open-source community are actively working to remediate the attack by removing malicious versions, compromised packages may still exist in project dependencies or lock files. To protect your projects, developers must take these immediate, critical steps: Audit Your Dependencies: Immediately check your project’s package-lock.json or yarn.lock file to identify any use of the affected packages. Pin to Safe Versions: Use the overrides feature in your package.json file to force npm to use known-safe versions of the compromised packages. This is crucial for fixing transitive dependencies.   Example package.json configuration: JSON { "name": "your-project", "version": "1.0.0", "overrides": { "chalk": "5.3.0", "strip-ansi": "7.1.0", "color-convert": "2.0.1", "color-name": "1.1.4", "is-core-module": "2.13.1", "error-ex": "1.3.2", "has-ansi": "5.0.1" } }   Clean and Reinstall: After adding the overrides, delete your node_modules folder and package-lock.json file. Then, run npm install to generate a new, clean lock file with the pinned, safe versions. This ensures that no vulnerable code remains in your project’s environment. Why is the qix NPM account compromise a significant supply-chain security threat? The compromise of the qix NPM account is a critical threat because it allowed an attacker to inject malicious code into extremely popular, foundational JavaScript packages. These libraries are not typically direct dependencies but are pulled in by hundreds or thousands of other packages. This vast and invisible dependency tree meant the malicious code could spread to millions of applications and developer machines with minimal friction, weaponizing the inherent trust within the open-source ecosystem.   What is a “crypto-clipper” and how does it relate to the September 2025 NPM attack? A “crypto-clipper” is a type of malware that hijacks cryptocurrency transactions. In the context of the NPM attack, the malicious code injected into packages like chalk and strip-ansi acts as a crypto-clipper. It silently monitors web traffic and clipboard data, specifically looking for crypto wallet addresses. When a user copies or initiates a transaction, the clipper swaps the legitimate recipient address with the attacker’s, rerouting funds and causing financial loss without the user’s immediate knowledge.   How can a simple build error uncover a sophisticated supply-chain attack? In this attack, a seemingly minor build error, a ReferenceError: fetch is not defined, was the first indicator of a deep-rooted problem. This error occurred because the malware’s data exfiltration attempt relied on a modern browser function that was not present in an older Node.js environment. The failure to execute its payload made the malicious code visible, highlighting how even a simple configuration mismatch or an outdated environment can inadvertently act as a tripwire for sophisticated, obfuscated attacks.   The qix NPM account attack serves as a stark reminder that the open-source ecosystem, despite its collaborative nature, is a major target for sophisticated cyber threats. The vulnerability exposed is not just a technical flaw but a systemic risk stemming from the trust placed in third-party dependencies. Organizations must move beyond basic security practices and adopt a proactive, vigilant stance that includes hardening CI/CD pipelines, implementing strict dependency management policies, and fostering a security-first culture. Failing to act now leaves projects exposed to similar threats that can compromise intellectual property, user data, and financial assets on a massive scale. This post What Happened in the Billion-Download NPM Supply-Chain Attack of September 2025? first appeared on BitcoinWorld and is written by Keshav Aggarwal
Coinstats2025/09/09 14:15
USD/CNH Exchange Rate Declines, Prompting Crypto Market Shifts

Detail: https://coincu.com/markets/usdcnh-rate-drops-influences-crypto/
Coinstats2025/09/09 14:14
U.S. tariffs are straining the international petrochemicals market

U.S. tariffs are adding strain to an already soft petrochemicals market, and China, the biggest producer, is redirecting more cargoes to Asian buyers, industry officials said in Singapore on Tuesday. “If tariffs remain in place, petrochemicals trading will see another 15% drop on top of the 34% drop it has seen in the last five years,” said Ganesh Gopalakrishnan, TotalEnergies’ head of petrochemical trading. Gopalakrishnan said traders without their own plants are struggling. He said the 34% drop in volumes over five years is due to too much supply. Haldia Petrochemicals’ Sanjiv Vasudeva said tariffs are pushing countries to be more protectionist. According to Reuters he added that planning near-term investments has become tougher because of excess capacity and price swings, while India’s consumption remains healthy with a steady growth rate, one of the few bright spots for the industry. China is flooding Asia with petrochemicals Chinese products are moving into “our traditional markets,” said Bahrin Asmawi, chief commercial officer at Petronas Chemicals Group. He said the company is expanding into specialty chemicals as exports ranging from resins to finished goods have been displaced by China’s heavier push inside Asia after U.S. tariffs. “Our main market is South Asia, Thailand, Indonesia, Malaysia, Vietnam,” Asmawi said. “And all these are being supplied, being attacked by China because they cannot supply into the U.S.” TotalEnergies has said previously that the oil market is sliding toward oversupply as Opec+ raises output while demand weakens in key economies. The company warned that more crude is coming to market just as consumption slows, setting up a softer backdrop for prices. A related trade shift is playing out in Asia. As reported by Cryptopolitan, China has stepped up shipments to Southeast Asia after a steep fall in direct exports to the United States. That redirection has swelled regional flows. Shipments to Indonesia, Malaysia, Thailand, and Vietnam reached their highest monthly levels on record, the report said. Get seen where it counts. Advertise in Cryptopolitan Research and reach crypto’s sharpest investors and builders.
Coinstats2025/09/09 14:13
MYX Finance Token Soars 270% in 24 Hours, But Red Flags Emerge: What to Know?

Read the full article at coingape.com.
Coinstats2025/09/09 14:12
The TechBeat: Embedded Gen AI: Smarter Predictive Maintenance Apps for Manufacturing (9/9/2025)

How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ## Vibe Coding is Creating a Generation of Unemployable Developers By @paoloap [ 7 Min read ] Vibe coding lets AI generate code—but skips the skills that make developers indispensable. Learn why shortcuts can ruin careers in 2025 tech. Read More. Embedded Gen AI: Smarter Predictive Maintenance Apps for Manufacturing By @indium [ 7 Min read ] Embedded generative AI solutions directly integrate advanced generative or AI models into production devices and processes, creating new possibilities for PdM. Read More. How I Cut AWS Compute Costs by 70% with a Multi-Arch EKS Cluster and Karpenter By @svetlanadevops [ 11 Min read ] Learn how we built a multi-arch EKS cluster with Karpenter &amp; Spot Instances, cutting AWS compute costs by 70% and scaling in under 20 seconds. Read More. Streamline Structured + Unstructured Data Flows from Postgres with AI By @badmonster0 [ 8 Min read ] Comprehensive walkthrough on using CocoIndex to build unified, incrementally updated search and analytics pipelines. Read More. Can ChatGPT Outperform the Market? Week 4 By @nathanbsmith729 [ 3 Min read ] Another Insane Week… Read More. How AI Reasoning Mirrors Borges' Library of Babel By @mirrorspace [ 10 Min read ] Do transformer-based LLMs really show emergent understanding? Probably not! A higher-level look at model outputs vindicates the "glorified autocomplete" take. Read More. SafePaper Exposes Hidden VPN Ties Behind “Best VPN” Rankings By @alexcole [ 3 Min read ] SafePaper reveals hidden ties shaping “best VPN” rankings, exposing affiliate deals and media ownership that mislead consumers. Read More. From Metrics to Meaning: Why Customer Satisfaction Is the Ultimate Measure of Quality By @noda [ 4 Min read ] Why QA metrics should go beyond bugs: how integrating customer satisfaction scores helps deliver truly high-quality products. Read More. MCP vs A2A - A Complete Deep Dive By @mayankc [ 29 Min read ] Deep technical analysis comparing Model Context Protocol (MCP) and Agent-to-Agent (A2A) protocols with updated code examples, security insights, and future stan Read More. Backprop — The Russian Algorithm the West Claimed as Its Own By @hacker86877327 [ 9 Min read ] Backprop wasn’t invented in 1986. It was published in the USSR in 1974 — 6 months before Werbos. The author? Alexander Galushkin. Read More. Optimizing the Ever-Growing Balance in an 11-Year-Old Game By @serjey [ 8 Min read ] Balance optimization in War Robots, an 11+ years old game. Core and meta balances optimization Read More. Wikipedia Rules Everything Around Me By @drewchapin [ 5 Min read ] Wikipedia is the internet’s true power broker and the backbone of AI. Here’s why it defines your digital reputation, and how not to be left behind. Read More. Vibe-Coding's Missing Piece is Vibe-Testing By @@javar97 [ 8 Min read ] What to expect from AI-powered quality assurance services? The most reasonable approach comes from crowd-testing platforms. Read More. VR Made Me Faster: A Sim Racer’s Case for Immersion By @wicked-racing [ 5 Min read ] Adding VR to a sim racing rig can improve your driving skills, increase immersion, and make sim racing more like a real-world experience. Read More. HackQuest Acquires BuidlBox to Accelerate Web3 Developer Ecosystem Growth By @jonstojanjournalist [ 3 Min read ] HackQuest acquires BuidlBox to merge Web3 education with hackathons, creating a global hub for developers to learn, build, and launch decentralized apps. Read More. Beyond Policy Papers - Tonga's Cybersecurity Reality Check By @edwinliavaa [ 8 Min read ] Policies are paper shields against digital bullets. Tonga's cyber crisis proves sovereignty requires an engineered defense using decentralized tech like DePIN. Read More. The MIT Professor's Guide to Speaking That Actually Works By @redim [ 6 Min read ] MIT Professor Winston's research-backed speaking techniques: eliminate distractions, use the 5S framework, and make your ideas unforgettable with practical tips Read More. Two Hours With Cursor Changed How I See AI Coding By @scastiel [ 4 Min read ] For the first time in my career, I have absolutely no idea what the software engineer job will look like in five or ten years. Read More. Beyond .com: How Unstoppable Domains and 0G Labs are Crafting a Naming System for the AI Revolution By @ishanpandey [ 4 Min read ] Learn about the .AGI partnership between Unstoppable Domains and 0G labs, and why it's a critical step for a decentralized AI future. Read More. Building a Pro-Level Sim Rig for NASCAR 25 By @wicked-racing [ 7 Min read ] This article describes building a racing sim rig to prepare for the soon-to-be-released NASCAR 25 game on the console by iRacing Read More. 🧑‍💻 What happened in your world this week? It's been said that writing can help consolidate technical knowledge, establish credibility, and contribute to emerging community standards. Feeling stuck? We got you covered ⬇️⬇️⬇️ ANSWER THESE GREATEST INTERVIEW QUESTIONS OF ALL TIME We hope you enjoy this worth of free reading material. Feel free to forward this email to a nerdy friend who'll love you for it. See you on Planet Internet! With love, The HackerNoon Team ✌️
Hackernoon2025/09/09 14:10
SwissBorg Funds Safe: Unwavering Assurance After $41.5M SOL Exploit

BitcoinWorld SwissBorg Funds Safe: Unwavering Assurance After $41.5M SOL Exploit In the dynamic world of cryptocurrency, security is paramount. Recent news regarding a significant $41.5 million SOL exploit might have raised concerns, but crypto trading and analysis app SwissBorg has swiftly moved to reassure its community: your SwissBorg funds safe. This incident, while notable, was not a breach of SwissBorg’s core platform, but rather an exploit of an external DeFi wallet used for a specific yield strategy. This distinction is crucial for understanding the event’s true nature and SwissBorg’s robust response. What Exactly Happened with the $41.5M SOL Exploit? Understanding the details of such events is crucial for all crypto participants. SwissBorg clarified that the $41.5 million SOL exploit specifically targeted a decentralized finance (DeFi) yield strategy. This strategy involved interacting with a third-party DeFi protocol and utilized an external wallet, not SwissBorg’s internal, custodial infrastructure. It is important to highlight: The incident was not a hack of SwissBorg’s internal systems, security protocols, or user accounts held directly on their platform. The exploit impacted a third-party DeFi protocol that SwissBorg had integrated to offer a particular SOL investment opportunity. Only user funds specifically allocated to this external, high-yield strategy were exposed to the exploit. This situation underscores the inherent complexities and risks associated with the broader DeFi ecosystem, where interactions across various external protocols can introduce vulnerabilities. However, SwissBorg’s immediate and transparent communication focused on mitigating user impact and ensuring their SwissBorg funds safe. How Does SwissBorg Ensure Your SwissBorg Funds Safe? The company’s commitment to user protection shines through its proactive and decisive stance. Following the exploit, SwissBorg quickly conducted a thorough assessment, confirming that all other investment products and the vast majority of user funds held on their platform remain completely unaffected and secure. Crucially, SwissBorg has made an unwavering pledge: No user will incur financial losses directly attributable to this specific external incident. SwissBorg is committed to covering any unrecovered losses from the exploit using its own reserves. This demonstrates a powerful commitment to client asset protection. The platform’s robust internal security measures, which safeguard its core operations and direct user holdings, were never compromised. This decisive action reinforces trust and demonstrates SwissBorg’s strong dedication to maintaining the integrity and security of user assets. Their rapid response and commitment to compensation ensure that for their community, keeping SwissBorg funds safe is not just a promise, but a reality. Navigating DeFi: Crucial Lessons for Protecting Your Crypto Assets While SwissBorg has swiftly taken responsibility for the exploit’s impact on its users, this event serves as a broader reminder about the importance of understanding the inherent risks within the decentralized finance space. DeFi offers groundbreaking opportunities for yield and financial innovation, but it also comes with a unique set of complexities and potential vulnerabilities. For all cryptocurrency users, it is always prudent to: Conduct thorough due diligence: Always research and understand the specific protocols, smart contracts, and strategies you engage with. Practice diversification: Avoid placing all your capital into a single high-yield or experimental strategy. Spreading investments across different platforms and asset classes can mitigate risk. Stay informed: Keep abreast of the latest security news, platform updates, and community discussions within the crypto space. SwissBorg’s transparency and rapid resolution in this case set a high standard for how reputable platforms should respond to such challenges. By acting decisively to protect their community, they not only ensure their SwissBorg funds safe but also contribute to building greater confidence and stability in the wider crypto ecosystem. This incident, while unfortunate, ultimately showcases the importance of choosing platforms with strong security protocols and a clear commitment to user protection. In conclusion, the $41.5 million SOL exploit was a significant event, but SwissBorg’s swift and responsible response has ensured that its users are protected. By clarifying that the incident was an external DeFi wallet exploit and committing to cover all unrecovered losses, SwissBorg has reinforced its dedication to security and user trust. This proactive approach ensures that for SwissBorg users, their SwissBorg funds safe and secure, allowing them to continue their crypto journey with peace of mind. This commitment highlights why choosing a trusted platform is essential in the evolving world of digital assets. Frequently Asked Questions (FAQs) Q1: Was SwissBorg itself hacked? A1: No, SwissBorg’s core platform and internal systems were not hacked. The incident was an exploit of an external DeFi wallet used for a specific SOL yield strategy, not a breach of SwissBorg’s direct infrastructure. Q2: Are my funds on SwissBorg safe if I wasn’t using the SOL yield strategy? A2: Yes, absolutely. SwissBorg has confirmed that all other investment products and funds not allocated to the specific external SOL yield strategy remain completely unaffected and secure on their platform. Q3: Will I lose money if I was invested in the affected SOL yield strategy? A3: No. SwissBorg has pledged to cover any losses that remain unrecovered from the exploit, ensuring that users who participated in the affected strategy will not incur financial losses. Q4: What does this incident teach us about DeFi? A4: This event highlights the inherent risks of interacting with third-party DeFi protocols. It underscores the importance of thorough research, diversification, and choosing platforms like SwissBorg that prioritize user protection and have robust response plans. Q5: How can I stay updated on SwissBorg’s security measures? A5: SwissBorg regularly communicates with its community through official channels, including their blog, app announcements, and social media. Staying connected to these sources is the best way to receive timely updates on security and platform developments. Did you find this article informative? Share it with your friends and fellow crypto enthusiasts to help them stay informed about the latest security updates and how platforms like SwissBorg are protecting user assets. Your shares help spread crucial knowledge in the crypto community! To learn more about the latest crypto market trends, explore our article on key developments shaping Bitcoin price action. This post SwissBorg Funds Safe: Unwavering Assurance After $41.5M SOL Exploit first appeared on BitcoinWorld and is written by Editorial Team
Coinstats2025/09/09 14:10
Dogecoin ETF Rumors Far From Just a Joke – DOGE Price Prediction

Santiment just shared interesting on-chain data about Dogecoin as talk of a new DOGE ETF grows louder. The Rex-Osprey Dogecoin ETF ($DOJE) could launch as early as this week, giving U.S. investors a way to gain exposure to DOGE price without holding the coin itself. This would be the first Dogecoin ETF in the United
Coinstats2025/09/09 14:09
Teneo’s Crucial Move In 3AC Liquidation Unveiled

The post Teneo’s Crucial Move In 3AC Liquidation Unveiled appeared on BitcoinEthereumNews.com. WLD Sales: Teneo’s Crucial Move In 3AC Liquidation Unveiled Skip to content Home Crypto News WLD Sales: Teneo’s Crucial Move in 3AC Liquidation Unveiled Source: https://bitcoinworld.co.in/wld-sales-teneo-liquidation/
BitcoinEthereumNews2025/09/09 14:08
