The clock is
already ticking.

US

RU

CH

CA

UK

KR

DE

2025-01-17 · EU

EU financial-sector firms must demonstrate operational resilience (incl. ICT third-party risk) — including cryptographic posture.

2025-12-31 · US-NSA

NSA target for new National Security Systems software & firmware to start adopting CNSA 2.0 (Kyber, Dilithium, SHA-2) algorithms.

2026-06-30 · DE-BSI

Annual BSI cryptographic-recommendation refresh — flagged deadline for hybrid (classical + PQC) roll-out in regulated DE.

2027-12-31 · US-NSA

Networking, VPN, and key-management products on NSS networks should fully support CNSA 2.0 algorithms.

2030-12-31 · US-NIST

NIST recommended sunset for classical public-key crypto in federal systems — full PQC migration target.

2033-12-31 · US-NSA

All NSS systems must be using CNSA 2.0 PQC algorithms exclusively.

@CISAgov

Reminder: NSA's CNSA 2.0 timeline is in effect. New software for NSS should now be adopting Kyber, Dilithium, and SHA-2.

@NIST

FIPS 203 (ML-KEM), 204 (ML-DSA) and 205 (SLH-DSA) are now the standards. Migration windows are short for high-value targets.

@matthew_d_green

Harvest-now-decrypt-later isn't a scenario, it's an active intelligence program. The ECDSA signatures you commit today are tomorrow's plaintext.

@hashedout

Bitcoin's quantum exposure isn't a 2040 problem. ~25% of circulating supply sits in P2PKH addresses with exposed pubkeys. Q-Day day-one targets.

@SchneierBlog

If your security architecture cannot survive the public release of CRYSTALS-Kyber breaks, you needed PQC yesterday.

@a16zcrypto

Wallet providers shipping PQC migration paths in 2026 will own the institutional custody narrative for the next decade.

NEWS_SECURITYWEEK · INFO

Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls

Anthropic takes Fable 5 and Mythos 5 offline to comply with a directive from the Trump administration to prevent use by foreign nationals. The post Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls appeared first on SecurityWeek .

NEWS_COINDESK · INFO

Top cryptographers can't agree on Bitcoin's biggest quantum question

A Coinbase-convened panel says Bitcoin should start preparing for quantum attacks now, but declines to take a position on whether millions of vulnerable coins, including many linked to Satoshi Nakamoto, should eventually be frozen.

NEWS_COINDESK · INFO

Anthropic's pre-IPO shares fall as US government shuts down its most powerful AI model

A jailbreak report prompted Washington to pull Fable 5 and Mythos 5 from all users. Anthropic complied but pushed back hard, saying the finding sets a standard that would halt the entire AI industry.

NEWS_COINTELEGRAPH · INFO

Here’s what happened in crypto today

Need to know what happened in crypto today? Here is the latest news on daily trends and events impacting Bitcoin price, blockchain, DeFi, Web3 and crypto regulation.

NEWS_COINDESK · INFO

Bitcoin steadies above $63,000 as its worst week in months got a late macro rescue

A tiny Strategy sale raised a bigger question about Saylor’s never-sell stance, while easing Iran fears and a strong SpaceX debut helped risk assets recover.

NEWS_THEHACKERNEWS · INFO

U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals

Anthropic said on Friday it will "abruptly disable" its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it to suspend access to the models for foreign nationals, whether inside or outside the U.S., citing national securi

NEWS_COINDESK · INFO

SpaceX IPO scramble reveals difference between tokenizing a stock and getting one

Crypto platforms promised early access to the blockbuster SpaceX IPO through tokenized shares. The problem wasn't technology, but getting the actual stock.

NEWS_COINTELEGRAPH · INFO

ETH futures flash bearish signal, but stakers’ resilience points to underlying strength

Demand for ETH leverage remains low, but corporate accumulation and stakers’ dedication may prevent an Ether price crash to $1,500.

NEWS_COINTELEGRAPH · INFO

Anthropic suspends access to Fable 5, Mythos 5, citing US directive

Anthropic has abruptly disabled its flagship AI models after a US government directive citing national security concerns.

NEWS_COINTELEGRAPH · INFO

Major crypto exchanges cancel SpaceX IPO allocations, promising refunds

Elon Musk’s SpaceX completed its landmark IPO on the Nasdaq on Friday, but crypto users seeking tokenized exposure to the IPO were left empty-handed after allocations fell through.

NEWS_COINTELEGRAPH · INFO

Bitcoin’s ‘calm top’ challenges most market bottom estimates: Research

New data from Galaxy Research suggests that Bitcoin's floor price may not drop as low as previous bear markets, but the bottom-finding process is still playing out.

NEWS_COINTELEGRAPH · INFO

Bitcoin rally to $70K builds as orderbook structure highlights traders’ confidence

A positive bid-ask readings and a bullish RSI divergence support Bitcoin's recovery, with $70,000 emerging as a key target.

GHSA · HIGH

GHSA · go/github.com/filebrowser/filebrowser/v2 · CVE-2026-54090

File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection

NEWS_THEDEFIANT · INFO

CFTC Staff Give DCMs a Path to Convert Perpetual-Style Digital Commodity Futures Into True Perpetuals

CFTC staff issued release 9252-26 on Friday, giving designated contract markets a no-action path to convert existing perpetual-style digital commodity futures into true perpetuals, advancing the agency's buildout of a regulated US crypto derivatives market.

NEWS_CYBERSCOOP_ME · INFO

FBI takes down massive China-based cybercrime network that caused $1.9B in losses

Outsider provided phishing kits and infrastructure for cybercriminals to scam victims with lures claiming they missed packages, had unpaid tolls or parking violations. The post FBI takes down massive China-based cybercrime network that caused $1.9B in losses appeared first on CyberScoop .

GHSA · HIGH

GHSA · go/github.com/filebrowser/filebrowser/v2 · CVE-2026-54091

File Browser has incorrect access control for public directory shares via rule path rebasing

GHSA · MEDIUM

GHSA · go/github.com/filebrowser/filebrowser/v2 · CVE-2026-54093

File Browser: FilePath traversal in download-as-zip/tar via Windows-style backslash separators in stored filenames

GHSA · MEDIUM

GHSA · go/github.com/filebrowser/filebrowser/v2 · CVE-2026-54094

File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope

GHSA · HIGH

GHSA · go/github.com/filebrowser/filebrowser/v2 · CVE-2026-54092

File Browser has a DoS Vulnerability via Public Login API

NEWS_THEDEFIANT · INFO

Fidelity’s Dollar Stablecoin Taps Curve and Uniswap as Its DeFi Liquidity Layer

The Fidelity Digital Dollar stablecoin deployed Curve Finance Stableswap LP positions and Uniswap LP positions simultaneously in a single Ethereum block Thursday evening, with Curve founder Michael Egorov noting the same-block execution as evidence of DeFi operational expertise.

NEWS_THEDEFIANT · INFO

'Peirce Out': A Decade of Dissent

She arrived at the SEC in 2018 as a Republican commissioner with light crypto baggage and left this week as the regulator whose quotes had narrated the industry's regulatory story. A retrospective on eight years of dissent.

GHSA · HIGH

GHSA · go/github.com/filebrowser/filebrowser/v2 · CVE-2026-54096

File Browser: Improper Access Control Occurs via Pre-Created Public Share for a Non-existent Path

GHSA · MEDIUM

GHSA · maven/org.connectbot.sshlib:sshlib · GHSA-vc8p-8pxg-rfwg

ConnectBot SSH Client Library: Excessive allocation and integer overflow in DER private-key parsing

GHSA · MEDIUM

GHSA · maven/org.connectbot.sshlib:sshlib · GHSA-ch3q-cw5r-f4hg

ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation

GHSA · HIGH

GHSA · go/github.com/filebrowser/filebrowser · CVE-2026-54097

File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix

GHSA · MEDIUM

GHSA · go/github.com/fleetdm/fleet/v4 · CVE-2026-46371

Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint

GHSA · MEDIUM

GHSA · go/github.com/fleetdm/fleet/v4 · CVE-2026-46370

Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint

GHSA · MEDIUM

GHSA · npm/fabric · CVE-2026-44311

Fabric.js improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization

NEWS_THEDEFIANT · INFO

CFTC Sues New Mexico to Block State Gaming Laws From Reaching Federally Regulated Prediction Markets

The federal derivatives regulator filed suit Thursday in federal court seeking to bar New Mexico from enforcing state gaming laws against CFTC-registered prediction-market exchanges, making New Mexico the eighth state to face federal litigation over the question of exclusive jurisdiction.

NEWS_DARKREADING · INFO

ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed

A major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.