Category: Business

Leading cryptocurrencies fell alongside stock futures Sunday evening as tensions between the U.S. and Iran increased dramatically over the weekend.

Crypto Market In Red

Bitcoin sharply retreated from $76,000 as trading volume spiked 20% over the last 24 hours. Ethereum dipped below $2,300, while XRP and Dogecoin also traded in the red.

Over $415 million was liquidated in the past 24 hours, with $335 million in long positions alone wiped out, according to Coinglass data.

Open interest in Bitcoin futures fell 3.76% over the last 24 hours. Meanwhile, sentiment among whale and retail traders on Binance flipped “neutral.”

“Fear” sentiment persisted in the market, according to the Crypto Fear & Greed Index.

Top Gainers (24 Hours)

The global cryptocurrency market capitalization stood at $2.51 trillion, following a decline of 1.62% increase in the last 24 hours.

Stock Futures Slide As Hostilities Resume

Stock futures sold off sharply on Sunday evening. The Dow Jones Industrial Average Futures fell 444 points, or 0.89%, as of 8:44 p.m. EDT. Futures tied to the S&P 500 slid 0.70%, while Nasdaq 100 Futures declined 0.66%.

Geopolitical tensions worsened over the weekend after President Donald Trump said that that was trying to get past a naval blockade in the Gulf of Oman.

Iran president Masoud Pezeshkian said U.S. actions are a “clear violation” of the ceasefire understanding and that Iranian forces are ready for a comprehensive defense, according to state-controlled media IRIB.

Oil prices lifted, with West Texas Intermediate crude futures surging 7.50% to $90.12 per barrel.

Bitcoin’s Struggles To Continue?

Widely followed cryptocurrency analyst and trader Killa noted BTC’s positive momentum “fading” after a prolonged green run.

“Green bars are gradually weakening, suggesting momentum is stalling,” the analyst said. “With the market still range bound, it’s plausible delta shifts red from here, leading to late longs being flushed out.”

Rekt Capital, another well-known cryptocurrency commentator on X, outlined a potential retest of Bitcoin’s support at $73,000, with a successful hold confirming the upside breakout pattern.

Photo: Memory Stockphoto / Shutterstock

The cloud development platform Vercel’s security incident has prompted alarm in the crypto industry, following the company’s disclosure that attackers compromised parts of its internal systems through a third-party AI tool.

Because many crypto projects rely on Vercel to host their user interfaces, the breach highlights just how dependent Web3 teams are on centralized cloud infrastructure. That reliance creates an often overlooked attack surface—one that can sidestep traditional defenses like DNS monitoring and directly compromise frontend integrity.

Vercel said Sunday that the intrusion originated from a third-party AI tool linked to a Google Workspace OAuth app. That tool had been breached in a larger incident affecting hundreds of users from multiple organizations, the company said. Vercel confirmed a limited subset of customers was affected, and its services stayed operational.

The company has engaged external incident responders and alerted the police while also investigating how the data may have been accessed.

Access keys, source code, database records, and deployment credentials (NPM and GitHub tokens) were listed for the account. But these are not independently established claims.

As proof, one of those sample items included about 580 employee records with names, corporate email addresses, account status, and activity timestamps, along with a screenshot of an internal dashboard.

Attribution remains unclear. Individuals connected to the core ShinyHunters group denied involvement, according to reports. The seller also said it contacted Vercel, demanding a ransom, though the company has not revealed whether negotiations were conducted.

Third-party AI compromise exposes hidden infrastructure risk

Rather than attacking Vercel directly, attackers have leveraged OAuth access linked to Google Workspace. A supply-chain weakness of this nature is trickier to identify, as it depends on trusted integrations rather than obvious vulnerabilities.

Theo Browne, a developer known in the software community, said those consulted indicated Vercel’s internal Linear and GitHub integrations bore the brunt of the problems.

He observed that environment variables marked as sensitive in Vercel are safeguarded; other variables that were not flagged must be rotated to avoid the same fate.

Vercel followed up on this directive, urging customers to review their environment variables and utilize the platform’s sensitive variable feature. That kind of compromise is particularly worrying because environment variables often contain secrets such as API keys, private RPC endpoints, and deployment credentials.

If these values were compromised, attackers might be able to alter builds, inject malicious code, or gain access to connected services for broader exploitation.

Unlike typical breaches that target DNS records or domain registrars, the compromise at the hosting layer occurs at the build pipeline level. That allows attackers to compromise the actual frontend delivered to users rather than merely redirecting visitors.

Certain projects store sensitive configuration data in environment variables, including wallet-related services, analytics providers, and infrastructure endpoints. If those values were accessed, teams may have to assume that they were compromised and rotate them.

Frontend attacks have already been a recurring challenge in the crypto space. Recent incidents of domain hijacking have led to users being redirected to malicious clones designed to drain wallets. But those attacks usually come at the DNS or registrar level. These changes can often be detected quickly with monitoring tools.

A compromise at the hosting layer differs. Rather than directing users to a phony site, attackers modify the actual frontend. Users may encounter a legitimate domain serving malicious code, but will have no idea what is happening.

Investigation continues as crypto projects review exposure

How far the breach penetrated, or whether any customer deployments were changed, is unclear. Vercel said its investigation is ongoing and it will update stakeholders as more information becomes available. It also said affected customers are being contacted directly.

No major crypto projects have publicly confirmed receiving notification from Vercel as of publication time. But the incident is expected to prompt teams to audit their infrastructure, rotate credentials, and examine how they manage secrets.

The bigger lesson is that security in crypto frontends doesn’t end at DNS protection or smart contract audits. Dependencies on cloud platforms, CI/CD pipelines, and AI integrations further increase risk.

When one of those trusted services is compromised, attackers could exploit a channel that bypasses traditional defenses and directly affects users.

The Vercel hack, tied to a compromised AI tool, illustrates how supply-chain vulnerabilities in modern development stacks can have cascading effects throughout the crypto ecosystem.

The SEC is sharpening its crypto policy focus as digital asset regulation rises to the top of its 2026 agenda. Leadership commentary signals a more structured approach to oversight while aiming to position the United States as a global hub for crypto innovation.

Key Takeaways:

• Atkins confirmed SEC will prioritize digital asset regulation policy.
• Peirce highlighted the lack of a spot crypto framework.
• Uyeda emphasized SEC reforms may boost capital access and markets.

Inaugural Podcast Outlines SEC Crypto Priorities and Policy Direction

U.S. Securities and Exchange Commission (SEC) leadership is cementing and clarifying its digital asset policy framework as crypto regulation moves deeper into the agency’s 2026 agenda. On April 16, SEC Chairman Paul Atkins joined Commissioners Mark Uyeda and Hester Peirce in the inaugural Material Matters podcast episode titled “Commissioners Set the Course: 2026 Priorities.” The discussion outlined how the agency is defining regulatory direction on crypto and broader market structure.

Atkins announced the launch of the Material Matters podcast on social media platform X, describing it as a new SEC initiative designed to give the public greater insight into the agency’s work and its broader economic impact. In the episode, he emphasized crypto as a top priority, stating:

“In one area now that is really top on our list to try to get right with respect to regulation is the whole digital asset area, crypto assets.”

The SEC chairman linked the effort to broader national ambitions, noting that President Donald Trump has repeatedly promoted the goal of making the United States a global crypto hub. “The President has often said that he wants to make America the crypto capital of the world. And so, we’ve been working hard about that,” he emphasized.

Commissioner Uyeda also outlined broader regulatory priorities, emphasizing a return to the agency’s core mission of investor protection, fair, orderly, and efficient markets, and capital formation. He indicated that recent years marked a departure from traditional SEC principles, with greater focus on matters outside the agency’s longstanding disclosure-based approach. Uyeda suggested that restoring that balance is important to support public markets, improve access to capital, and keep rulemaking aligned with the SEC’s central mandate.

Peirce Highlights Market Structure Gaps and Innovation Strategy

Commissioner Peirce highlighted a key regulatory gap in the current market structure, stating: “Right now, there hasn’t been a regulatory framework around the spot trading of crypto assets. And that’s something that CFTC will be working on.” Her remarks indicate that regulators are focused on defining jurisdictional boundaries, including coordination with the Commodity Futures Trading Commission (CFTC), and implementing workable oversight. The discussion also referenced blockchain efficiencies such as peer-to-peer transfers and programmable execution, reinforcing the need for coordinated regulatory approaches as adoption expands.

Peirce concluded by stressing the importance of maintaining U.S. competitiveness in financial innovation. She stated:

“We do want to make this the place where people want to innovate whether it’s in crypto or something else.”

The statement reflects a broader objective to balance investor protection with innovation. The episode signals that the SEC is working to solidify a durable framework that supports market development while addressing fraud and systemic risks.

$XRP goes live on Solana

The integration, powered by LayerZero and Hex Trust, brings wrapped $XRP (wXRP) into Solana’s expansive decentralized finance ecosystem.

The Solana network has integrated $XRP, according to a Friday announcement. The integration, which has been in the works for several months, bridges the gap between two of the cryptocurrency industry’s most prominent ecosystems.

The asset has been launched as a wrapped token, designated as wXRP. The Solana Foundation partnered with LayerZero and Hex Trust, two major infrastructure providers, in order to be able to facilitate this massive cross-chain move.

The announcement has noted that the $XRP Ledger is specifically designed for “fast” and “low-cost” transactions. Now, $XRP holders will be able to get exposure to Solana’s vast DeFi ecosystem.

Bitcoin ETFs back on track with biggest inflows since January

Spot Bitcoin ETFs saw their strongest weekly inflows since January, pulling in nearly $1 billion as institutional demand accelerates.

Spot Bitcoin ETFs recorded their largest weekly inflows since January, signaling a renewed wave of institutional demand, according to data from Farside Investors.

Total net inflows reached $996 million over the past week, marking the strongest performance since early January, when inflows approached $1.4 billion.

The surge was driven by a standout Friday session, which alone brought in $663.9 million, the highest single-day inflow of the week.

Last week, ETFs saw $411.5 million in inflows on Tuesday and $186 million on Wednesday, followed by a modest $26 million on Thursday. The period began with a $291 million outflow on Monday, making the rebound particularly notable as momentum quickly reversed.

The strong inflow activity pushed total net assets across spot Bitcoin ETFs above $101 billion by the end of the week. At the same time, trading volumes surged, with daily activity nearing $4.8 billion, reflecting heightened participation from both institutional and retail investors.

The data suggests that despite recent market uncertainty, capital continues to rotate back into Bitcoin exposure through regulated investment vehicles, reinforcing the role of ETFs as a primary entry point for traditional investors.$SHIB crosses one trillion threshold in outflows

$SHIB crosses one trillion threshold in outflows

Shiba Inu is seeing massive exchange outflows, hinting at quiet accumulation despite a still-weak price trend.

With exchange outflows exceeding one trillion $SHIB in a brief amount of time, Shiba Inu is exhibiting a change in on-chain behavior. That is a significant shift in the positioning of large holders, particularly in light of the months-long downtrend and low demand.

Both exchange inflows and outflows have increased, but outflows are outpacing inflows, according to the data. Net flow is still marginally negative, with total outflows at about 1.24 trillion $SHIB and inflows at about 1.13 trillion $SHIB.

At the same time, exchange reserves are still slightly decreasing. Instead of aggressive selling, this combination usually indicates a slow removal of supply from exchanges. However, the price is not responding, at least not yet.

Warnings are intensifying across multiple crypto tokens as an on-chain investigator flags structural risks and questionable trading behavior. The growing list of red-flagged assets is heightening concern that retail investors remain exposed to engineered liquidity and sudden price shocks.

Key Takeaways:

• Broader warnings point to structural weaknesses across parts of the crypto token market.
• Major exchanges face rising pressure to respond faster to questionable trading behavior.
• Retail investors remain exposed as oversight concerns spread beyond a single token.

Rising Crypto Exchange Manipulation Concerns Spread Across Tokens

Market manipulation concerns on major crypto exchanges moved back into focus after on-chain investigator ZachXBT tied $RAVE’s collapse to concentrated supply and questionable trading activity. He outlined the episode on social media platform X on April 19. The post described how a token that entered the top 15 by market cap fell 95% within hours.

ZachXBT stated on X: “A summary of the $RAVE -95% price fluctuation from $26 to $1 over the past 24 hours.” He said the sequence began on April 18, when he urged Binance, Bitget, and Gate to examine possible manipulation and offered a $10,000 bounty, later raising it to $25,000. Bitget, Binance, and Gate each publicly acknowledged the request that day, while RaveDAO said it had no involvement. ZachXBT also said he confronted RaveDAO co-founder Yemu Xu on April 13 and 14 without receiving a response. Highlighting broader concerns beyond $RAVE, he remarked:

“Other projects with highly questionable price action recently include: $SIREN, $MYX, $COAI, M, PIPPIN, $RIVER.”

Similar structural and behavioral risks have surfaced across several recently flagged tokens. $SIREN showed extreme supply concentration, with Bubblemaps finding that a single cluster controlled roughly half the supply across 47 wallets. ZachXBT recently said he traced that cluster to wallets tied on-chain to several obscure DWF-affiliated tokens, including LADYS, RACA, and TOMO, reinforcing concerns that the token’s liquidity was engineered rather than driven by organic retail demand. $COAI raised a different red flag: its proxy contract ownership was not renounced, leaving the deployer or admin able to change key functions. $RIVER and PIPPIN exposed weaker market structures in different ways, with $RIVER associated with a low circulating-supply profile and PIPPIN unraveling in a derivatives-driven liquidation cascade. $MYX and M also came under scrutiny, tied respectively to extreme funding conditions and allegations that Axiom staff had access that could enable front-running and deanonymization of users.

Exchange Oversight Pressure Intensifies Amid Retail Risk

The blockchain investigator argued that $RAVE’s structure made the move difficult to dismiss as normal volatility. ZachXBT said $RAVE launched in December 2025 on Binance Alpha with a one billion total supply, while addresses tied to the initial distribution controlled about 95% of supply.

He also pointed to suspicious April 2026 centralized exchange activity connected on-chain to RaveDAO team addresses, which he said could conflict with the project’s denial. ZachXBT added:

“$RAVE is not the only token with manipulation we have seen on major centralized exchanges. It’s just the most blatant, reaching a top 15 market cap within 10 days before dropping 95% in hours.”

The episode widened scrutiny on how quickly trading platforms respond to extreme dislocations in thinly distributed tokens. ZachXBT argued: “Exchanges need faster intervention on manipulation. Detection at scale isn’t easy, but each day of delay means retail traders absorb losses while platforms collect fees on the volume. The outcome is the same regardless of intent.” He also emphasized the broader impact on market participants, saying: “I recognize how much this behavior takes from retail traders, and I plan to investigate similar movements in hopes of identifying the responsible parties.”

The highly volatile crypto market has witnessed another tragic tale of loss at the brink of a breakout. In this respect, an Asteroid Shiba ($ASTEROID) trader has recently sold their holdings at a loss just before the staggering price pump. As per the data from Lookonchain, the trader has missed a life-changing opportunity of $2.6M profit in this respect. The incident highlights the significance of patience amid the wider market fluctuations.

This is the unluckiest guy I’ve ever seen!

80 days ago, trader 0x5811 spent $542 to buy 7.43B $ASTEROID.

Just one day before $ASTEROID pumped, he sold all 7.43B $ASTEROID for $405, taking a $137 loss.

Today, those 7.43B $ASTEROID are worth over $2.6M.

He missed a… pic.twitter.com/xHDPp5OD8p

— Lookonchain (@lookonchain) April 19, 2026

Trader ‘0x5811’ Offloads $ASTEROID Holdings at Loss, Missing $2.6M Opportunity

As the market statistics suggest, the trader, with the wallet address “0x5811,” has recently made a pessimistic move of offloading their $ASTEROID holdings at a loss. Interestingly, this took place only 1 day before the meme token’s huge upsurge. Hence, the trader could not attain a possible $2.6M profit following the bull rally.

Particularly, the trader’s journey with the $ASTEROID token started 80 days ago. At that time, the trader purchased a notable amount of 7,426,982,235 $ASTEROID tokens by spending 0.20 $ETH, equaling just $541.47. That was the moment when the token was changing hands at just a fraction of the present value it has. However, the trader gave up amid shifting market conditions following stagnation and decided to offload the $ASTEROID holdings.

Incurring $137 Loss Instead of Life-Changing Opportunity Amid Volatile Market

So, the trader, while endeavoring to cut losses, swapped the whole 7.43B tokens in return for just 0.1744 $ETH. This indicates that the trader sold that amount for up to $405, showing a loss of nearly $137. Following that, $ASTEROID started showing shifting market dynamics with significant price increase. As a result, the trader missed a remarkable opportunity as the sold $ASTEROID holdings currently have a value of more than $2.6M.

A roughly $292 million exploit over the weekend has rattled the crypto industry, exposing vulnerabilities in decentralized finance (DeFi) infrastructure and raising concerns about knock-on effects across lending protocols.

While investigations are still ongoing, early analysis suggests the attack centered on Kelp’s rsETH token — a yield-bearing version of ether ($ETH) — and the mechanism used to move assets between blockchains.

The attacker appears to have manipulated that system to create large amounts of tokens without proper backing, then quickly used them as collateral to borrow and drain real assets from lending markets, mostly from Aave , the largest decentralized crypto lender.

The incident is the latest blow to DeFi, happening only a couple weeks after the $285 million exploit of Solana-based protocol Drift, further denting investor trust in the nearly $90 billion crypto sector.

How the attack worked

At a high level, the exploit targeted a LayerZero bridge component — a piece of infrastructure that enables assets to move across different blockchains, Charles Guillemet, CTO of hardware wallet maker Ledger, told CoinDesk in a note.

Bridges typically work by locking assets on one chain and minting equivalent tokens on another. That process depends on a trusted entity — often called an oracle or validator — to confirm deposits.

In this case, Kelp effectively acted as that verifier. According to Guillemet, the system relied on a single-signer setup, meaning just one entity could approve any transactions.

“It seems the attacker was able to sign a message … allowing him to mint large amount of rsETH,” he said. He added that it remains unclear how that access was obtained.

Michael Egorov, founder of Curve Finance, pointed to the same weakness in the system’s configuration.

“Things can happen when you trust one single party — whoever that would be.”

That setup allowed the attacker to effectively create unbacked tokens, even though no corresponding assets were locked on the source chain.

Once minted, the tokens were quickly deployed. The attacker “immediately deposited them in lending protocols mostly Aave to borrow real $ETH against,” Guillemet explained.

That maneuver shifted the problem from a single exploit into a broader market issue. DeFi lending platforms are now left holding collateral that may be difficult to unwind, while valuable and liquid assets are already drained.

“Aave was left with rsETH which cannot be really sold and maxborrowed [sic] $ETH, so no one can withdraw $ETH,” Curve’s Egorov said.

As a result, Aave and other lending protocols may be sitting on hundreds of millions of dollars in questionable collateral and bad debt, he warned, raising concerns of a potential “bank run” dynamic as users rush to withdraw funds.

Aave saw about a $6 billion drop in assets on the protocol as users yanked their assets following the incident. The token associated with the protocol was down about 15% over the past 24 hours’ trading.

What we still don’t know

Key questions remain around how the validator was compromised. The system relied on LayerZero’s official node, raising uncertainty over whether it was hacked, misconfigured or misled.

“Was it hacked? Was it fooled? We don’t know,” Egorov said.

The attacker’s identity is also unknown, though Guillemet said the scale of the attack suggests a sophisticated actor.

“Clearly not some script kiddies,” he said.

Big blow for trust in DeFi

Beyond the immediate losses, the exploit the episode serves as another reminder that as DeFi grows more interconnected, failures in one layer can quickly cascade across the system.

Egorov argued that non-isolated lending models, where assets share risk across pools, amplify the impact of such events.

He also pointed to shortcomings in how new assets are onboarded to lending platforms, saying configurations like Kelp’s 1-of-1 verifier setup should have been flagged earlier.

However, Egorov said there’s a silver lining. “Crypto is a harsh environment which no bank would have survived — yet we are working with that,” he said. “I think DeFi will learn from this incident and become stronger than before.”

Still, even as incidents like this lead to protocol upgrades and redesigns, they also chip away investor confidence in the broader DeFi sector.

“All in all, the trust into DeFi protocols is eroded by this kind of event,” Guillemet said.

“And 2026 will most likely be the worst year in terms of hacks, again,” he added.

Read more: ‘DeFi is dead’: crypto community scrambles after this year’s biggest hack exposes contagion risks

The Zcash price has moved lower even after the network disclosed that critical software fixes had been deployed across major mining operations. $ZEC was trading near $325.95, down about 5.47% over 24 hours, while its market capitalization stood at $5.42 billion. Daily trading volume reached $476.94 million.

The decline came after Zcash Open Development Lab and the Zcash Foundation announced coordinated patches for vulnerabilities in both zcashd and Zebra.

The network said the flaws were not used to affect the consensus chain. It also said all user funds remained safe and user privacy was not at risk. According to the disclosure, none of the vulnerabilities could on their own have been used to inflate $ZEC supply. Even so, the market reaction stayed cautious, with traders focusing on near-term price weakness rather than the fact that the fixes were already in place before the public update.

Critical Patches Were Deployed Before Public Disclosure

Zcash said the updated releases included zcashd v6.12.1 and Zebra v4.3.1. The fixes addressed four vulnerabilities, including an Orchard action-encoding bug that could crash nodes processing certain transactions. The disclosure also referred to a consensus enforcement gap between the two implementations that could have triggered a chain split, a bug tied to zcashd turnstile accounting, and undefined behavior linked to unchecked integer arithmetic in pool balance calculations.

The project stated that mining pools representing a supermajority of network hash power had already deployed the patches. The main operator using Zebra in mining production had also updated before disclosure. Zcash said there was no evidence that any of the issues had been exploited. That reduced the risk of disruption at the network level, but it did not stop the token from slipping during the session.

The security update arrived at a time when market participants were already watching several moving parts across privacy coins and mid-cap crypto assets. In that setting, even a controlled disclosure can affect short-term sentiment, especially when traders react to the headline before reading the full technical explanation.

Network Data Remains Firm Even as Price Retreats

While $ZEC moved lower, several on-chain and network indicators remained steady. Zcash said the shielded pool recently reached an all-time high, with 31% of all $ZEC now held in the encrypted pool. A year earlier, that share was 11%. The project also said 59% of transactions are now shielded, pointing to continued usage of its privacy features.

Zcash is also testing NIST-standardized lattice-based cryptography, including ML-KEM and ML-DSA, as part of its post-quantum work. The update came after a Google paper published on March 31 raised new discussion around quantum computing timelines. At the same time, Zcash network hash rate reached a record 16.54 GS/s, showing continued mining participation even during the latest market pullback.

These metrics show that the selloff did not come with signs of network failure. Instead, the price move appeared to reflect a gap between market sentiment and network conditions. Traders often respond to immediate price pressure, while technical improvements and usage data tend to shape longer-term views.

$ZEC Price Chart Keeps Focus on Support Near $310

On the 12-hour chart, $ZEC price is still trying to transition from a recovery phase into a broader reversal structure. The chart shows a rounded base forming from the February lows, with price moving back into the $310 to $330 zone. That area now acts as a key support band after the recent attempt to break higher.

Source: X

$ZEC recently touched the $380 area before pulling back, which suggested that buying momentum cooled ahead of the next resistance test. As long as price stays above the $310 to $330 range, the higher-low structure remains in place. A stable retest of that area could support another move upward if buyers return.

The next major resistance zone remains between $430 and $450. That band has rejected price several times before, making it the main upside level on the chart. If support near $310 fails, traders may look back toward the mid-$200s, where the rounded base began to form.