The clock is
already ticking.

US

RU

CH

CA

TW

UK

DE

2025-01-17 · EU

EU financial-sector firms must demonstrate operational resilience (incl. ICT third-party risk) — including cryptographic posture.

2025-12-31 · US-NSA

NSA target for new National Security Systems software & firmware to start adopting CNSA 2.0 (Kyber, Dilithium, SHA-2) algorithms.

2026-06-30 · DE-BSI

Annual BSI cryptographic-recommendation refresh — flagged deadline for hybrid (classical + PQC) roll-out in regulated DE.

2027-12-31 · US-NSA

Networking, VPN, and key-management products on NSS networks should fully support CNSA 2.0 algorithms.

2030-12-31 · US-NIST

NIST recommended sunset for classical public-key crypto in federal systems — full PQC migration target.

2033-12-31 · US-NSA

All NSS systems must be using CNSA 2.0 PQC algorithms exclusively.

@CISAgov

Reminder: NSA's CNSA 2.0 timeline is in effect. New software for NSS should now be adopting Kyber, Dilithium, and SHA-2.

@NIST

FIPS 203 (ML-KEM), 204 (ML-DSA) and 205 (SLH-DSA) are now the standards. Migration windows are short for high-value targets.

@matthew_d_green

Harvest-now-decrypt-later isn't a scenario, it's an active intelligence program. The ECDSA signatures you commit today are tomorrow's plaintext.

@hashedout

Bitcoin's quantum exposure isn't a 2040 problem. ~25% of circulating supply sits in P2PKH addresses with exposed pubkeys. Q-Day day-one targets.

@SchneierBlog

If your security architecture cannot survive the public release of CRYSTALS-Kyber breaks, you needed PQC yesterday.

@a16zcrypto

Wallet providers shipping PQC migration paths in 2026 will own the institutional custody narrative for the next decade.

NEWS_INFOSECURITY · INFO

EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks

Ukraine has been added to the EU Cybersecurity Reserve, which provides incident response services against large-scale incidents

NEWS_SECURITYWEEK · INFO

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

The public PoC code exploits a race condition in Microsoft Defender to spawn a command prompt with System privileges. The post Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day appeared first on SecurityWeek .

NEWS_THEHACKERNEWS · INFO

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys. "Every plugin poses as an AI coding assistant built on DeepSeek and other larg

NEWS_DECRYPT · INFO

House, Senate Strike Deal on Housing Bill With CBDC Ban Through 2030

A bicameral deal on the 21st Century ROAD to Housing Act revives a provision barring the Fed from issuing a digital dollar until 2030.

NEWS_INFOSECURITY · INFO

Fifteen JetBrains Marketplace Plugins Found Stealing API Keys

Aikido Security has discovered at least 15 IDE plugins on the JetBrains Marketplace

NEWS_SECURITYWEEK · INFO

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Oracle has released its June 2026 Critical Security Patch Update to fix vulnerabilities in Communications, EBS, Enterprise Manager and other products. The post Oracle’s Second Monthly Security Updates Deliver 245 Patches appeared first on SecurityWeek .

NEWS_COINTELEGRAPH · INFO

BitGo courts crypto firms awaiting MiCA approval amid Binance licensing concerns

BitGo launches a MiCA-compliant crypto infrastructure platform in Europe as exchanges face pressure to meet July 1 licensing rules across the EU.

NEWS_INFOSECURITY · INFO

Staffing Is Top SOC Challenge Even as AI Proliferates, Says SANS

SANS Institute study finds few SOCs have built AI into defined workflows, despite widespread adoption

NEWS_SECURITYWEEK · INFO

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

The browser updates address multiple memory safety bugs that could potentially lead to remote code execution. The post Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities appeared first on SecurityWeek .

NEWS_DARKREADING · INFO

UK Social Media Ban for Minors Has Privacy Experts Worried

The UK will ban adolescents under 16 years old from user-to-user social-media platforms, despite age-verification issues and privacy concerns.

NEWS_THEHACKERNEWS · INFO

144 Mastra npm Packages Compromised via Hijacked Contributor Account

As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from J

NEWS_SECURITYWEEK · INFO

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

The flaws allow attackers to execute arbitrary PHP code and gain root privileges on shared hosting servers. The post Joomla, LiteSpeed Vulnerabilities Exploited in Attacks appeared first on SecurityWeek .

NEWS_SECURITYWEEK · INFO

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

SOCRadar has detected 30,000 compromised Fortinet firewalls that expose networks to hacking. The post 3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs appeared first on SecurityWeek .

NEWS_COINDESK · INFO

BitGo offers Europe’s crypto firms a MiCA-compliance lifeline as license deadline looms

BaFin-regulated BitGo says its Crypto-as-a-Service platform can help eligible crypto players across Europe with an alternative way to navigate MiCA.

NEWS_COINDESK · INFO

Forget the price charts. Here's how bitcoin and S&P 500 look like when adjusted for the money printer

Valuations shaped by M2 money supply growth paint reveal concerning trends for risk assets.

NEWS_COINTELEGRAPH · INFO

Congress reaches deal on housing bill with CBDC ban until 2030

The US could soon temporarily ban a central bank digital currency, as House and Senate leaders came to a deal on the 21st Century Road to Housing Act.

NEWS_COINTELEGRAPH · INFO

Here’s what happened in crypto today

Need to know what happened in crypto today? Here is the latest news on daily trends and events impacting Bitcoin price, blockchain, DeFi, Web3 and crypto regulation.

NEWS_COINTELEGRAPH · INFO

Strategy’s STRC falls to $91 as investors flinch at latest BTC buying

“It appears traders are seeing the latest BTC acquisition as an unsustainable path for STRC,” said 10x Research’s Markus Thielen.

NEWS_THEHACKERNEWS · INFO

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026

NEWS_COINDESK · INFO

Crypto PAC's $12 million Senate candidate, Barry Moore, wins Alabama GOP primary

The Trump loyalist drew more crypto dollars than any candidate so far in this year's midterms, and the result marks a big win for the industry's political arm.

NEWS_COINDESK · INFO

Live markets: Markets turn their focus to the Fed as oil returns to pre-war levels

Bitcoin's Sharpe ratio hit a level that has marked every cycle low since 2015, but in each case it preceded months of basing rather than an immediate rebound.

NEWS_COINTELEGRAPH · INFO

Illinois governor approves crypto transaction tax despite industry uproar

“There is effectively no comparable state financial transaction tax on stocks, bonds or derivatives anywhere in the country,” said a16z general counsel Miles Jennings.

NEWS_COINDESK · INFO

XRP gives back breakout gains, slipping below $1.23 on heavy selling

XRP briefly traded above key resistance before sellers stepped in, with rising volume suggesting traders used the rally to cut positions rather than add risk.

NEWS_COINDESK · INFO

Uniswap jumps 22% and altcoins rip while bitcoin stalls before the Fed

UNI surged after Standard Chartered set a $100 long-term target, and HYPE and solana led a broad altcoin bid. Bitcoin held near $66,000 as oil fell to a three-month low and the Fed met for the first time under Kevin Warsh.

NEWS_COINTELEGRAPH · INFO

Hyperliquid open interest surges 32% in week: Is $80 HYPE next?

Despite mixed HYPE derivatives market signals, Hyperliquid’s explosive TradFi perpetual growth makes a push toward $80 increasingly realistic.

NEWS_COINTELEGRAPH · INFO

Senators urge Treasury to ensure state authority in GENIUS application

A bipartisan group of US senators told the Treasury that its application of stablecoin laws should be done in a way that “preserves and promotes State participation.”

GHSA · LOW

GHSA · npm/@mariozechner/pi-coding-agent · CVE-2026-54326

Pi Agent: Potential XSS in HTML session exports via Markdown URL sanitization bypass

GHSA · MEDIUM

GHSA · go/code.gitea.io/gitea · CVE-2026-20706

Gitea: Token scope bypass on web archive download endpoint

GHSA · MEDIUM

GHSA · go/code.gitea.io/gitea · CVE-2026-27783

Gitea: Missing repository-unit authorization on issue-template API endpoints

GHSA · MEDIUM

GHSA · go/code.gitea.io/gitea · CVE-2026-25714

Gitea: Incomplete CVE-2025-68941 fix: /user/orgs missing checkTokenPublicOnly + switch-case logic flaw