The clock is
already ticking.

US

RU

CA

CH

TW

UK

IL

2025-01-17 · EU

EU financial-sector firms must demonstrate operational resilience (incl. ICT third-party risk) — including cryptographic posture.

2025-12-31 · US-NSA

NSA target for new National Security Systems software & firmware to start adopting CNSA 2.0 (Kyber, Dilithium, SHA-2) algorithms.

2026-06-30 · DE-BSI

Annual BSI cryptographic-recommendation refresh — flagged deadline for hybrid (classical + PQC) roll-out in regulated DE.

2027-12-31 · US-NSA

Networking, VPN, and key-management products on NSS networks should fully support CNSA 2.0 algorithms.

2030-12-31 · US-NIST

NIST recommended sunset for classical public-key crypto in federal systems — full PQC migration target.

2033-12-31 · US-NSA

All NSS systems must be using CNSA 2.0 PQC algorithms exclusively.

@CISAgov

Reminder: NSA's CNSA 2.0 timeline is in effect. New software for NSS should now be adopting Kyber, Dilithium, and SHA-2.

@NIST

FIPS 203 (ML-KEM), 204 (ML-DSA) and 205 (SLH-DSA) are now the standards. Migration windows are short for high-value targets.

@matthew_d_green

Harvest-now-decrypt-later isn't a scenario, it's an active intelligence program. The ECDSA signatures you commit today are tomorrow's plaintext.

@hashedout

Bitcoin's quantum exposure isn't a 2040 problem. ~25% of circulating supply sits in P2PKH addresses with exposed pubkeys. Q-Day day-one targets.

@SchneierBlog

If your security architecture cannot survive the public release of CRYSTALS-Kyber breaks, you needed PQC yesterday.

@a16zcrypto

Wallet providers shipping PQC migration paths in 2026 will own the institutional custody narrative for the next decade.

NEWS_SECURITYWEEK · INFO

Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC

WideField will accelerate Agentic SOC capabilities by expanding the lens on threat investigation to include identity, credentials, sessions, and blast radius. The post Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC appeared first on SecurityWeek .

NEWS_COINTELEGRAPH · INFO

AllUnity debuts SEKAU, a fully reserved Swedish krona stablecoin

AllUnity launches Swedish krona-backed stablecoin SEKAU with multi-chain support, expanding its stablecoin portfolio regulated under the EU’s MiCA framework.

NEWS_SECURITYWEEK · INFO

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame. The post 15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown appeared first on SecurityWeek .

NEWS_THEHACKERNEWS · INFO

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users. The vulnerability, tracked as CVE-2025-20701 (CVSS score: 8.8), refers to a case of incorrect authorization impacting the Airoha Bluetooth

NEWS_COINTELEGRAPH · INFO

Here’s what happened in crypto today

Need to know what happened in crypto today? Here is the latest news on daily trends and events impacting Bitcoin price, blockchain, DeFi, Web3 and crypto regulation.

NEWS_COINTELEGRAPH · INFO

Algorand plans ‘broad quantum resilience’ by 2027

Algorand is planning new accounts and consensus mechanisms designed to be resistant to the cryptography-breaking threat of quantum computers.

NEWS_COINTELEGRAPH · INFO

Microsoft warns users of 'Crypto Clipper' malware spread via USB drives

The malware blends data theft with remote code execution, “turning a financially motivated stealer into a lightweight backdoor,” Microsoft said.

NEWS_COINDESK · INFO

XRP falls 3% after losing $1.15 support as breakout attempt fades

Heavy selling pushed XRP back below a key support zone, reinforcing a downtrend that has repeatedly stalled rallies near $1.25.

NEWS_COINDESK · INFO

Live markets: Bitcoin has traded below its mining cost for five months, squeezing miners

About 20% of miners are now unprofitable, and publicly traded miners sold more than 32,000 bitcoin in the first quarter to cover operating costs, more than they offloaded in all of 2025.

NEWS_COINDESK · INFO

Bitcoin traders load up on bearish bets all the way down to $52,000

Bitcoin traders are scrambling to buy options bets that would pay off if the selloff deepens.

NEWS_COINDESK · INFO

Bitcoin falls below $63,000 as risk assets sell off and the week's bounce fades

Crypto dropped across the board on Friday in holiday-thinned trading, giving back the week's gains. With oil down 9% and the Iran deal signed, the question turns to whether this cycle gets an altseason at all.

NEWS_COINTELEGRAPH · INFO

US crypto ETFs are pulling Bitcoiners into TradFi: BlackRock's Jay Jacobs

The merger of crypto, decentralized finance and traditional finance is being referred to as the “Great Convergence” at BlackRock.

NEWS_SECURITYWEEK · INFO

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. The post Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure appeared first on SecurityWeek .

NEWS_COINTELEGRAPH · INFO

Celsius’ Mashinsky gets permanent trading ban in CFTC settlement

The US commodities watchdog has settled with Celsius founder Alex Mashinsky, ending the agency’s first-ever case against a crypto lending platform.

NEWS_COINTELEGRAPH · INFO

Ether analysts predict another ‘selling wave’ as ETH struggles to overcome $1.7K

Exchange inflows, slumping demand and a 31% drop in Ether futures open interest may signal that another wave of selling could hit ETH.

NEWS_COINTELEGRAPH · INFO

Malta proposes DeFi rulebook covering DAOs under MiCA-era framework

The Maltese regulator is seeking industry feedback on a legal framework for software-governed organizations, arguing that many DeFi projects are not fully decentralized.

NEWS_CYBERSCOOP_ME · INFO

Authorities disrupt Evil Corp’s SocGholish botnet

Cybersecurity firms, researchers and officials took down 106 servers and remediated nearly 15,000 sites that were infected with the malware. The post Authorities disrupt Evil Corp’s SocGholish botnet appeared first on CyberScoop .

NEWS_COINTELEGRAPH · INFO

Bitcoin decouples from tech stocks: Is $60K BTC’s next stop?

Bitcoin’s slump accelerated as capital rotated further into the AI sector, raising the odds of a BTC price drop below $60,000.

NEWS_COINTELEGRAPH · INFO

Ireland mulls crypto safeguards in response to financial risks

For the first time in seven years, the Irish government released an assessment related to digital assets, noting risks from money laundering, terrorism financing, sanctions violations and bribery.

NEWS_COINTELEGRAPH · INFO

US regulators push user ID requirements for stablecoin issuers akin to regulated banks

The proposed rules by US government agencies suggested that stablecoin issuers be subject to customer identification program requirements under the Bank Secrecy Act, the same as regulated financial firms.

NEWS_DECRYPT · INFO

China’s Z.AI Releases GLM-5.2: A Model That Rivals Claude Opus—Using Zero Nvidia Chips

Z.ai's GLM-5.2 sits within 1% of Claude Opus 4.8 on long-horizon coding benchmarks, runs entirely on Huawei silicon, and undercuts Western frontier models by up to 82% per token.

NEWS_THEDEFIANT · INFO

Fable's Shutdown Hands Crypto Its Case for Decentralized AI

Anthropic's most powerful public model came with guardrails users called too broad — then the US government switched it off entirely. Crypto's builders say that is exactly why AI should run on networks no company or state controls, and traders have started to bid up the tokens betting on it.

NEWS_DECRYPT · INFO

Midjourney Pivots From AI Images to Medical Imaging, Aiming to Build a Better MRI Alternative

Image generation company Midjourney is developing a full-body imaging system that combines ultrasound tech with AI smarts.

GHSA · MEDIUM

GHSA · npm/signalk-server · CVE-2026-55591

Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints

GHSA · MEDIUM

GHSA · composer/web-token/jwt-library · GHSA-5739-39v2-5754

PHP JWT Library: RSA1_5 (RSAES-PKCS1-v1_5) decryption lacks implicit rejection, exposing a Bleichenbacher/Marvin padding oracle

GHSA · HIGH

GHSA · composer/web-token/jwt-framework · GHSA-jc38-x7x8-2xc8

PHP JWT Framework: JWSVerifier uses algorithm from unprotected header, enabling algorithm confusion attacks

GHSA · HIGH

GHSA · composer/web-token/jwt-library · GHSA-3prj-6hqw-cm82

PHP JWT Library: PBES2-HS*+A*KW unwrap accepts an unbounded p2c iteration count, enabling CPU-amplification denial of service

GHSA · MEDIUM

GHSA · composer/web-token/jwt-experimental · GHSA-6vvh-pxr4-25r7

PHP JWT Framework: Chacha20Poly1305 key-encryption algorithm discards the Poly1305 authentication tag, performing no authentication on decryption

GHSA · MEDIUM

GHSA · composer/spomky-labs/otphp · GHSA-2jx3-65f3-xr8r

spomky-labs/otphp: Mass-assignment in Factory::loadFromProvisioningUri lets a hostile provisioning URI corrupt OTP state or leak an uncaught TypeError

NEWS_COINTELEGRAPH · INFO

Custodia, Vantage propose token that toggles between bank deposits and stablecoins

The proposed system aims to connect traditional banking infrastructure with blockchain-based payment networks with banks retaining customer deposits.