The clock is
already ticking.

US

RU

CA

CH

IL

TW

DE

2025-01-17 · EU

EU financial-sector firms must demonstrate operational resilience (incl. ICT third-party risk) — including cryptographic posture.

2025-12-31 · US-NSA

NSA target for new National Security Systems software & firmware to start adopting CNSA 2.0 (Kyber, Dilithium, SHA-2) algorithms.

2026-06-30 · DE-BSI

Annual BSI cryptographic-recommendation refresh — flagged deadline for hybrid (classical + PQC) roll-out in regulated DE.

2027-12-31 · US-NSA

Networking, VPN, and key-management products on NSS networks should fully support CNSA 2.0 algorithms.

2030-12-31 · US-NIST

NIST recommended sunset for classical public-key crypto in federal systems — full PQC migration target.

2033-12-31 · US-NSA

All NSS systems must be using CNSA 2.0 PQC algorithms exclusively.

@CISAgov

Reminder: NSA's CNSA 2.0 timeline is in effect. New software for NSS should now be adopting Kyber, Dilithium, and SHA-2.

@NIST

FIPS 203 (ML-KEM), 204 (ML-DSA) and 205 (SLH-DSA) are now the standards. Migration windows are short for high-value targets.

@matthew_d_green

Harvest-now-decrypt-later isn't a scenario, it's an active intelligence program. The ECDSA signatures you commit today are tomorrow's plaintext.

@hashedout

Bitcoin's quantum exposure isn't a 2040 problem. ~25% of circulating supply sits in P2PKH addresses with exposed pubkeys. Q-Day day-one targets.

@SchneierBlog

If your security architecture cannot survive the public release of CRYSTALS-Kyber breaks, you needed PQC yesterday.

@a16zcrypto

Wallet providers shipping PQC migration paths in 2026 will own the institutional custody narrative for the next decade.

NEWS_COINTELEGRAPH · INFO

Japanese corporate pension fund plans 1% crypto allocation: Nikkei

A Japanese corporate pension fund serving about 1,200 small and medium-sized businesses plans to allocate roughly 1% of its assets to crypto as part of a currency diversification strategy.

NEWS_COINDESK · INFO

Ethereum's biggest 'sandwich' bot drained of $7.5 million in ironic exploit

Blockaid said an attacker tricked Jaredfromsubway.eth into approving fake trading routes, then used those approvals to drain WETH, USDC and USDT.

NEWS_COINDESK · INFO

Bitcoin holds near $64,000 as a renewed Hormuz threat clouds US-Iran ceasefire talks

Crypto firmed over the weekend after Friday's sell-off, with bitcoin recovering toward $64,000. Permanent ceasefire talks open in Switzerland, but Iran's order to close the Strait of Hormuz again revives the risk the deal was meant to settle.

NEWS_COINTELEGRAPH · INFO

Here’s what happened in crypto today

Need to know what happened in crypto today? Here is the latest news on daily trends and events impacting Bitcoin price, blockchain, DeFi, Web3 and crypto regulation.

NEWS_COINTELEGRAPH · INFO

Bitcoin ETFs shed record $6.4B in 30 days amid crypto winter chill

US-listed spot Bitcoin exchange-traded funds saw their biggest 30-day net outflow since launching in 2024, coming as Bitcoin fell 17% over the past month.

NEWS_COINTELEGRAPH · INFO

Notorious ‘sandwich attack’ bot Jaredfromsubway.eth exploited for $7.5M

Jaredfromsubway.eth was responsible for 70% of sandwich attacks on Ethereum between November 2024 and October 2025.

NEWS_COINTELEGRAPH · INFO

Bitcoin rotations into altcoins collapses: Have altseasons 'disappeared'?

BTC's crypto market dominance is holding above a key support, signaling Bitcoin may keep absorbing capital from altcoins and delay a broader altseason.

NEWS_DECRYPT · INFO

OpenRouter's Fusion Promises Claude Fable-Level AI for Cheap—Right as Fable 5 Goes Dark

OpenRouter's compound-model API stacks budget AI models—and beat GPT-5.5 and Claude Opus 4.8 outright in benchmark testing.

NEWS_COINDESK · INFO

AI is making crypto security cheaper, faster and harder to ignore

As AI-powered security tools become cheaper, faster and more widely available, researchers said they could reshape what the crypto industry considers reasonable due diligence before deploying code, potentially altering expectations for developers and institutions.

NEWS_DECRYPT · INFO

Bitcoin Network Activity Is Rising as BTC Falls Nearly 50% Below Peak Price: CryptoQuant

Activity on the Bitcoin network is surging, CryptoQuant said, but it's not correlating with price movement for its native asset.

NEWS_COINTELEGRAPH · INFO

Crypto industry looks to stablecoins and DeFi revisions in MiCA 2.0

The European Commission is seeking comment on how it can tweak MiCA, its regulatory framework for the crypto and blockchain industries.

NEWS_COINDESK · INFO

How STRC lost its par: The timeline behind Strategy's preferred-stock meltdown

From a bond buyback and dwindling cash reserves to a bitcoin bear market, the sequence of events that turned STRC's par-value challenge into a marketwide debate.

NEWS_COINTELEGRAPH · INFO

Pudgy Penguins expands retail footprint with Target trading card rollout

The NFT-born franchise is bringing its Vibes Series 3 trading cards to Target stores across the US as it expands into physical products and mainstream retail.

NEWS_THEHACKERNEWS · INFO

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers t

NEWS_SECURITYWEEK · INFO

French President Urges US to Share Cutting-Edge AI and Democracies to Cooperate on Regulation

French President Emmanuel Macron urged the world’s wealthy democracies to work together on regulating advanced AI systems. The post French President Urges US to Share Cutting-Edge AI and Democracies to Cooperate on Regulation appeared first on SecurityWeek .

NEWS_COINTELEGRAPH · INFO

Philippine SEC signals readiness for RWA tokenization

Philippine SEC Commissioner Rogelio Quevedo told Cointelegraph that tokenized assets could give Filipinos more legitimate investment options while helping steer them away from scams.

NEWS_COINTELEGRAPH · INFO

Crypto kidnappers who robbed a Minnesota family of $8M plead guilty

Two Texas brothers admitted to holding a Minnesota family at gunpoint and forcing the transfer of $8 million in cryptocurrency.

NEWS_CIPESA_AFRICA · INFO

Building Digital Security and Verification Capacity Among Refugees

By Brian Byaruhanga | In May 2026, CIPESA joined the World Organisation Against Torture (OMCT) and partners to conduct a three-day workshop on digital security and Open-Source Intelligence (OSINT) for … Continue reading Building Digital Security and Verification Capacity Among Refugees Th

NEWS_COINTELEGRAPH · INFO

S token drops 5% as 3 former execs resign from Sonic Labs board

Andre Cronje, Michael Kong and David Richardson stepped down from the Sonic Labs board on Friday, while Matt Visser has been appointed as CEO, replacing Mitchell Demeter who resigned in February.

GHSA · HIGH

GHSA · pip/aqt · GHSA-869j-r97x-hx2g

Anki's local HTTP server does not sufficiently validate requests

GHSA · MEDIUM

GHSA · rust/surrealdb · GHSA-jv2j-mqmw-xvv5

SurrealDB: Denial of Service via deep operator chains

GHSA · MEDIUM

GHSA · rust/surrealdb · GHSA-hv6h-hc26-q48p

SurrealDB: Field-level SELECT permissions bypassed via graph and reference traversals

GHSA · MEDIUM

GHSA · rust/surrealdb · GHSA-h4h3-3rfj-x6fq

SurrealDB: Indexed ORDER BY leaks the value ordering of a SELECT-restricted field

GHSA · HIGH

GHSA · rust/surrealdb · GHSA-cc8f-fcx3-gpjr

SurrealDB: Arbitrary file read via DEFINE ANALYZER mapper() filter

GHSA · MEDIUM

GHSA · rust/surrealdb · GHSA-h5rg-8p7f-47g2

SurrealDB: SSRF via JWKS URL — Redirect Following in JWT Key Fetch

GHSA · MEDIUM

GHSA · pip/pydantic-settings · GHSA-4xgf-cpjx-pc3j

pydantic-settings: NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size

GHSA · HIGH

GHSA · npm/@merill/lokka · GHSA-g2gw-q38m-vjfc

Lokka: Azure Resource Manager URL path validation issue

GHSA · HIGH

GHSA · npm/@jhb.software/payload-cloudinary-plugin · GHSA-h5x8-xp6m-x6q4

@jhb.software/payload-cloudinary-plugin: Arbitrary Cloudinary API Parameter Signing

GHSA · HIGH

GHSA · pip/langsmith · GHSA-f4xh-w4cj-qxq8

LangSmith SDK TracingMiddleware: Arbitrary server-side file read

GHSA · HIGH

GHSA · actions/gouef/githubtoplanguages · GHSA-c3xh-98xp-6qhf

githubtoplanguages: Command Injection via Issue Title in Discord Notification Workflow