Tag: Business – Decrypt

President Donald Trump is set to host another in-person event for his meme coin holders later this month at Mar-a-Lago, but in perhaps a sign of times, the price to attend is considerably lower than it was last year.

The team behind President Trump’s Solana-based token, which trades as TRUMP, finalized the list of attendees on Tuesday, with the guest list based on a leaderboard tied to token holdings and other factors.

Last time around, a select group of attendees attained “VIP” status by each amassing millions of dollars’ worth of the tokens. But earning the VIP label for President Trump’s latest event, a luncheon and conference to be held for top holders, cost roughly 90% less this time around—down from approximately $3 million to around $300,000.

VIP status, the top level of access for the event, grants attendees a private “meet and learn” experience with “superstar” attendees like Tether’s Paolo Ardoino, retired boxer Mike Tyson, and Ark Invest’s Cathie Wood. That bonus reward, beyond access to the luncheon with President Trump, was granted to the top 29 registered TRUMP holders who earned points based on time-weighted holdings of the token from March 12 to April 14.

Based on available on-chain holder data compared to the Trump meme team’s final leaderboard, at least one account that earned VIP status and ranked 12th overall—a Solana address beginning in “Ciz7y”—never held more than 114,212 TRUMP tokens during the more than month-long snapshot period.

That amount, now worth around $318,000, peaked at about $473,000 when the token traded at $4.14 on March 15. 

Other VIPs, like Solana address “2ciorM,” transferred in around 102,000 TRUMP tokens on March 12 and made no other moves. Those tokens, now valued at $283,000, were good enough to rank the address 17th, well above the VIP cutoff. 

Those sums are dramatically smaller than those seen for last year’s initial exclusive event for Trump meme coin holders, where the top finalists each held millions of dollars’ worth of tokens to earn VIP status, which conferred exclusive benefits. The final VIP holder for last May’s event, ranked 25th, had nearly $3 million worth of TRUMP tokens around the time of the snapshot. 

At that time, gaining VIP access to the first TRUMP meme coin gala required around $4.78 million worth of the president’s official meme coin, on average. The top holder—an account labeled “Sun” that Tron founder Justin Sun confirmed was his—buoyed the group by possessing around $19 million in TRUMP at the time of the snapshot last year.

The Tron founder, who earlier this week publicly bashed the Trump family’s World Liberty Financial business—a separate crypto venture, was again the top holder on this year’s meme coin leaderboard.

This time, though, the value of his account is only around $9.3 million, as the TRUMP token’s price has fallen precipitously from its highs. He maintains a balance of around 3.3 million TRUMP tokens, or 1.4 million more tokens than the first time around.

As it stands, the official TRUMP token was recently trading around $2.80, down 29% in the last month and now 96% off its all-time high of $73.43 achieved shortly after launch. The token briefly jumped around 40% after the announcement of the latest in-person event, but has since erased those gains. 

By comparison, during last year’s exclusive event, the token closed the snapshot day trading around $13.08—about 370% higher than its current trading price. 

This time around, token holders were also awarded 10 points for every $1 spent on purchases of Trump-branded merchandise—like hats and watches—during the token-holding period, which is something that can’t be accounted for with on-chain data.

That bonus could have moved the needle for some prospective VIPs, but otherwise, it appears that holders needed to spend far less on TRUMP tokens this year to gain special access.

Last year’s TRUMP meme coin dinner drew scrutiny from Democratic lawmakers, who demanded an ethics probe into the invitation. Famously, Senator Elizabeth Warren called the event an “orgy of corruption,” alleging that people could use it to buy access to the president.

This year’s Mar-a-Lago event will require attendees to pass a background check, and ensure they are not residents of a KYC-watchlist country. According to the terms and conditions, the event, slated for April 25, may be cancelled for any reason, and does not guarantee the attendance of President Trump. 

If Trump can not attend, or the event does not take place, then attendees will receive a Trump-themed NFT. 

President Donald Trump’s nominee to lead the Federal Reserve disclosed a vast fortune Tuesday worth well over $100 million, which includes numerous investments in the crypto sector and other emerging tech startups.

Kevin Warsh, a former Fed governor with deep Wall Street ties, was required to disclose his personal finances as part of his Senate confirmation process. His filing reveals a significant net worth. Warsh has $100 million parked in a single investment fund, for instance—one of dozens of investments and income streams the former banker was required to make public.

In his previous stint at the Fed, Warsh played a key role in the historic bank bailouts that followed the 2008 financial crisis. His current investments run the gamut from traditional finance to emerging technology firms, including several in the crypto sector.

Among Warsh’s listed investments, for instance: blockchain network Solana, yield-focused Ethereum layer-2 network Blast and Optimism, Ethereum DeFi lending protocol dYdX, NFT company Dapper Labs, and Polychain, a crypto venture firm. His other crypto investments include Bitcoin trading platform Flashnet, Ethereum developer platform Tenderly, and DeSo, an on-chain social media startup.

The Fed Chair nominee has also invested in a slew of emerging tech ventures, including Contraline (a “reversible male contraceptive solution”), Cionic (“bionic movement-enhancing wearable clothing”), and Arc Boats, an electric boating company.

Warsh further disclosed a slew of investments in AI-focused companies—plus exposure to crypto-fueled prediction market juggernaut Polymarket, and Elon Musk’s SpaceX, which is gearing up to launch a potential record-breaking IPO.

Though Warsh appears to enjoy support on Capitol Hill, his path back to the Fed is far from simple. The Trump Justice Department is currently pursuing a criminal investigation of sitting Fed Chair Jerome Powell—a longtime thorn in the side of the president—and key senators have signaled they will refuse to advance Warsh’s nomination until that investigation is resolved.

Though the Justice Department’s case against Powell has incurred major setbacks, the Trump administration appears intent on continuing to pursue the matter.

If you’ve been following the local AI scene, you probably know Qwopus—the open-source model that tried to distill Claude Opus 4.6’s reasoning into Alibaba’s Qwen, so you could run something resembling Opus on your own hardware for free. It worked surprisingly well. The obvious catch: Qwen is a Chinese model, and not everyone is comfortable with that.

Jackrong, the same pseudonymous developer behind that project, heard the feedback. His answer is Gemopus—a new family of Claude Opus-style fine-tunes built entirely on Google’s open-source Gemma 4. All-American DNA, same idea: frontier-level reasoning, running locally on hardware you already own.

The family comes in two flavors. Gemopus-4-26B-A4B is the heavier option—a Mixture of Experts model that has 26 billion total parameters but only activates around 4 billion during inference, which means it punches well above its weight on constrained hardware.

Parameters are what determine an AI’s capacity to learn, reason, and store information. Having 26 billion total parameters gives the model a huge breadth of knowledge. But by only “waking up” the 4 billion parameters relevant to your specific prompt, it delivers the high-quality results of a massive AI while remaining lightweight enough to run smoothly on everyday hardware.

The other is Gemopus-4-E4B, a 4-billion parameter edge model engineered to run comfortably on a modern iPhone or a thin-and-light MacBook—no GPU required.

The base model choice matters here. Google’s Gemma 4, released on April 2, is built directly from the same research and technology as Gemini 3—the company said so explicitly at launch. That means Gemopus carries something no Qwen-based fine-tune can claim: The DNA of Google’s own state-of-the-art closed model under the hood, wrapped in Anthropic’s thinking style on top. The best of both worlds, more or less.

What makes Gemopus different from the wave of other Gemma fine-tunes flooding Hugging Face right now is the philosophy behind it. Jackrong deliberately chose not to force Claude’s chain-of-thought reasoning traces into Gemma’s weights—a shortcut most competing releases take.

His argument, backed by recent research, is that stuffing a student model with a teacher’s surface-level reasoning text doesn’t actually transfer real reasoning ability. It teaches imitation, not logic. “There is no need for excessive imagination or superstitious replication of the Claude-style chain of thought,” the model card reads. Instead, he focused on answer quality, structural clarity, and conversational naturalness—fixing Gemma’s stiff Wikipedia tone and its tendency to lecture you about things you didn’t ask.

AI infrastructure engineer Kyle Hessling ran independent benchmarks and published the results directly on the model card. His verdict on the 26B variant was pretty favorable. “Happy to have benched this one pretty hard and it is an excellent finetune of an already exceptional model,” he wrote on X. “It rocks at one-shot requests over long contexts, and runs incredibly fast thanks to the MOE (mixture of experts) architecture.”

The smaller E4B variant passed all 14 core competence tests—instruction following, coding, math, multi-step reasoning, translation, safety, caching—and cleared all 12 long-context tests at 30K and 60K tokens. On needle-in-haystack retrieval, it passed 13 out of 13 probes including a stretch test at one million tokens with YaRN 8× RoPE scaling.

The 26B extends natively to 131K context and all the way out to 524K with YaRN, which Hessling also stress-tested: “It also crushed my simple needle-in-the-haystack tests all the way out to an extended context of 524k!”

On edge hardware, the E4B is genuinely fast. Jackrong reports 45–60 tokens per second on iPhone 17 Pro Max, and 90–120 tokens per second on MacBook Air M3/M4 via MLX. The 26B MoE architecture means it offloads gracefully on unified memory systems or GPUs with under 10GB of VRAM. Hessling called it his daily driver recommendation for VRAM-starved setups.

Both models are available in GGUF format, which means you can drop them straight into LM Studio or llama.cpp without configuration. The full training code and a step-by-step fine-tuning guide are on Jackrong’s GitHub—same pipeline he used for Qwopus, same Unsloth and LoRA setup, reproducible on Colab.

Gemopus is not without its rough edges. Tool calling remains broken across the entire Gemma 4 series in llama.cpp and LM Studio—call failures, format mismatches, loops—so if your workflow depends on agents using external tools, this is not your model yet. Jackrong himself calls it “an engineering exploration reference rather than a fully production-ready solution,” and recommends his own Qwopus 3.5 series for anyone who needs something more stable for real workloads.

And because Jackrong deliberately avoided aggressive Claude-style chain-of-thought distillation, don’t expect it to feel as deeply Opus-brained as Qwopus—that was a conscious tradeoff for stability, not an oversight.

For those who want to go deeper into Gemma fine-tuning for reasoning specifically, there is also a separate community project worth watching: Ornstein by pseudonmyous developer DJLougen, which takes the same 26B Gemma 4 base and focuses specifically on improving its reasoning chains without relying on the logic or style of any specific third party model.

One honest caveat: Gemma’s training dynamics are messier than Qwen’s for fine-tuners—wider loss fluctuations, more hyperparameter sensitivity. Jackrong says so himself. If you need a more battle-tested local model for production workflows, his Qwopus 3.5 series remains more robustly validated. But if you want an American model with Opus-style polish, Gemopus is currently your best available option. A denser 31B Gemopus variant is also in the pipeline, with Hessling teasing it as “a banger for sure.”

If you want to try running local models on your own hardware, check our guide on how to get started with local AI.

A fake Mac app impersonating Ledger’s self-custody software led to the loss of more than $9.5 million in crypto assets from over 50 total users in the last week, according to a new investigation from pseudonymous on-chain sleuth, ZachXBT.

The application, which pretended to be the Ledger Live app from which users can manage assets held by Ledger hardware devices, impacted victims from April 7 until April 13, when it was removed from the Apple App Store. 

“Stolen funds were laundered via 150+ KuCoin deposit addresses tied to AudiA6, a centralized mixing service that charges high fees to launder illicit funds,” ZachXBT posted in a message to his Telegram channel.

According to his analysis, at least three victims lost more than $1.95 million apiece, with one wallet being drained of $3.27 million USDT. Swiped assets included Bitcoin, Solana, XRP, USDT, and others.

Musician G. Love—aka Garrett Dutton, frontman of the long-running rock band G. Love & Special Sauce—was among the victims impacted by the fake app, losing 5.92 BTC valued around $447,000. He shared his story on X over the weekend.

“I had a really tough day today. I lost my retirement fund in a hack/scam when I switched my Ledger over to my new computer and by accident downloaded a malicious Ledger app from the Apple Store,” he posted on X on April 11. “All my BTC gone in an instant.” 

The fake app would remain in the App Store for nearly two more days, according to ZachXBT’s analysis. A representative for Apple did not immediately respond to Decrypt’s request for comment. 

Upon noting that the stolen funds had been traced to KuCoin, the exchange’s support team responded to the musician, indicating that they had frozen a suspicious account related to the funds. 

“Please note that while we may assist [in] freezing the suspicious account upon receipt of relevant information or a credible complaint, such actions are still subject to due legal documents and processes to ensure compliance,” it posted on X. 

The exchange has reportedly been dealing with an increase in illicit activity on its platform, according to ZachXBT. Last month, it was barred from offering access to U.S. users unless it registered as a foreign board of trade. Last year, KuCoin was hit with a $14 million fine, the largest ever anti-money laundering fine in Canadian history, by the nation’s financial regulator. 

Fake applications and websites are among the most common phishing vectors for Ledger users, according to the firm’s dedicated phishing campaign page, along with fake calls, emails, and letters.The U.S. Attorney’s Office for the District of Connecticut recently recovered $600,000 worth of crypto assets that had been part of a fraud scheme using fake letters purported to be from Ledger. 

A representative for Ledger did not immediately respond to Decrypt’s request for comment and it has not issued a public statement about the recent phishing campaign. 

Goldman Sachs filed an application for an exchange-traded fund on Tuesday that seeks to generate income for investors by selling options tied to Bitcoin’s price, underscoring the Wall Street giant’s incremental approach toward the digital assets space.

The Goldman Sachs Bitcoin Premium ETF would allocate at least 80% of its assets to investments that provide exposure to Bitcoin, including ETFs that track the digital asset’s spot price as well as derivatives tied to those products.

To generate income for investors, the fund would sell options tied to Bitcoin ETFs, generating returns from the premium that investors pay to gain leveraged exposure to Bitcoin.

With Goldman Sachs managing $3.65 trillion in assets (AUM), the filing represents a new entry into “the Bitcoin ETF game,” according to Bloomberg Senior ETF Analyst Eric Balchunas, who expressed a sense of shock on X at the investment bank’s latest filing.

The analyst noted that Goldman’s fund is based around a subsidiary located in the Cayman Islands, allowing it to manage regulatory limitations associated with holding commodities. That stands in contrast with a similar ETF that BlackRock has filed for, he said.

“Goldman may sense [an opportunity] to leap frog them,” Balchunas added, suggesting that the ETF could debut first due to its regulatory structure. “Anyway, I can’t say I saw this coming.”

In January, BlackRock filed an SEC registration for an iShares Bitcoin Premium Income ETF that generates income through call options. The fund, if approved by the SEC, would compete with other Bitcoin covered-call ETFs like NEOS’ BTCI, which has $1 billion in AUM.

Because BlackRock’s Bitcoin premium income ETF is actively managed, the product is set to have a higher expense ratio than its flagship offering tracking Bitcoin’s spot price.

Since BlackRock’s spot Bitcoin ETF debuted in 2024, the product has generated $63.8 billion worth of net inflows, according to crypto data provider CoinGlass. Meanwhile, Morgan Stanley last week debuted its own spot Bitcoin ETF, which has taken in roughly $68 million.

In February, Goldman Sachs CEO David Solomon revealed that “very little, but some” Bitcoin, describing himself as less of an investor and more of an observer of the largest digital asset.

The SEC unveiled a new policy Monday exempting certain decentralized finance interfaces from key registration requirements—a proactive move that indicates the regulator is moving full-steam ahead on its crypto agenda, with or without Congress.

The new policy, laid out today in an SEC staff statement, allows user interfaces for DeFi tools to forego registration as broker-dealers, so long as they meet certain requirements. User interfaces, as defined by the SEC, are services, created by crypto companies, that make it easier for self-custodial wallet holders to complete on-chain transactions.

Prior to President Donald Trump’s return to power, the SEC viewed such interfaces as squarely under the agency’s purview, given they technically involved a crypto company playing some role in connecting independent DeFi users to a marketplace. Crypto industry leaders have long argued such interfaces should not be considered akin to hands-on, traditional Wall Street brokers like Charles Schwab.

Now, crypto leaders have appeared to have gotten their wish. Should a user interface adhere to a list of requirements, the SEC has said it will not obligate the companies behind those interfaces to register with the agency—even when the interfaces engage with securities.

To qualify, an interface must not handle or hold user funds; arrange financing; solicit users to engage in any specific crypto transactions; or pressure users to choose one transaction path over another. It must also give users multiple options for executing transactions and list the options by objective criteria such as price, and charge users only flat rates or fixed rates for assisting with transactions, among other requirements.

“Crypto is forcing the Commission to confront its inner demons that have driven it toward ever more expansive readings of the securities laws,” SEC commissioner Hester Peirce, a noted crypto advocate, said Monday of the staff statement. “Recent history is littered with a patchwork of no-action letters and enforcement actions that have contorted the term ‘broker’ beyond recognition.”

Decentralized finance leaders hailed the announcement as a major step forward for the sector.

“Tough day for the gatekeepers and the moat protectors,” Amanda Tuminelli, executive director of the DeFi Education Fund, said Monday. “Good day for builders.”

“This is an incredible moment,” Matt Corva, general counsel at Ethereum software giant Consensys, proclaimed. (Disclaimer: Consensys is one of many investors in an editorially independent Decrypt.)

“If decentralized applications meet their promise,” he continued, “you can pencil this down as the day centralized intermediaries were dealt a critical blow by allowing fair competition against them.”

Miles Jennings, the head of Andreessen Horowitz’s crypto arm, dubbed the SEC statement a “huge win for DeFi.”

Other industry leaders noted the SEC’s statement shows the agency is moving ahead with the key pillars of its crypto agenda despite having not yet received specific guidance from Congress on the subject.

Though SEC Chair Paul Atkins has repeatedly voiced his support for the Senate’s pending crypto market structure bill, he has also said he does not need the legislation to pass in order to realize his aggressively pro-crypto agenda. 

The Senate bill, dubbed the Clarity Act, has remained in limbo for months, hung up on several thorny issues. Backers of the bill have warned in recent days that, with November’s midterms fast approaching, the legislation may not become law if it doesn’t pass imminently.

MiniMax M2.7 is here, the weights are on Hugging Face, and it’s legitimately competing with the best closed models out right now.

The numbers: 56.22% on SWE-Pro (a benchmark for software engineering tasks), nearly matching Claude Opus 4.6; 57.0% on Terminal Bench 2. An ELO of 1495 on GDPval-AA (a benchmark for real-world knowledge work tasks across jobs). For context: This is the highest among open-weight models, only slightly below Opus 4.6, Sonnet 4.6, and GPT-5.4.

It’s a 230B-parameter Mixture of Experts model with only 10B active per inference pass, so you get frontier-level output without paying frontier-level compute. MiniMax said it was the first model to participate in its own development—an internal version ran 100+ autonomous rounds of self-optimization, rewrote its own scaffold, and came out 30% better. No human in the loop.

Then the license changed, and the community lost it

But shortly after the weights dropped, the Chinese AI lab MiniMax quietly updated the terms: commercial use now requires written authorization from MiniMax.

Non-commercial use stays free and unrestricted. Research, personal projects, fine-tuning for your own setup—none of that changed. But if you’re running a hosted service or building a commercial product, you’re in “needs authorization” territory now.

Hacker News and a Hugging Face discussion thread filled up fast with developers calling it out. The specific friction point is this: MiniMax is labeling the license “MIT-style,” but MIT permits commercial use by definition. Calling it “Modified-MIT” while restricting commercial use is, to put it charitably, confusing.

Ryan Lee, MiniMax’s Head of Developer Relations, posted a detailed response rather than the usual corporate non-answer. His explanation: bad-faith hosting providers had been deploying degraded versions of previous MiniMax models—wrong templates, aggressive quantization, sometimes not even MiniMax’s actual model—then letting users walk away thinking MiniMax ships mediocre work.

“They walk away thinking MiniMax is mid,” Lee wrote. “We get the reputational bill, the user gets a bad experience, and the serious hosting providers who do the work properly get drowned out in the noise.”

“A fully permissive license meant we had no way to push back on any of that,” he added. “If the license has edge cases that hurt legitimate community use, tell us. We’d rather fix the text than defend it.”

This fits a wider pattern. MiniMax built its developer reputation on fully open releases—M2 under MIT in October 2025, M2.5 under the same terms in February 2026. M2.7 is the first break from that streak, and it came just months after the company listed on the Hong Kong Stock Exchange in January 2026, raising around $620M with Alibaba and Abu Dhabi’s sovereign wealth fund among its backers.

Other Chinese companies, which dominate the open-source space, are also testing the waters of close-sourcing AI. Alibaba’s Qwen team reportedly shifted toward proprietary development after senior leadership departures, according to the Financial Times, Xiaomi also released its new MiMo v2 models under a close source license. The shorthand that Chinese labs are open and U.S. labs are closed no longer holds.

For those interested in using it commercially, Lee says the authorization process will be fast and reasonable.

A criminal group is threatening to release stolen customer data from crypto exchange Kraken, the firm reported Monday, publicly disclosing the conflict via social media.

“We will not pay these criminals; we will not ever negotiate with bad actors,” Kraken Chief Security Officer Nick Percoco posted on X.

“We are currently being extorted by a criminal group threatening to release videos of our internal systems with client data shown if we do not comply with their demands,” Percoco added. “We are actively working with federal law enforcement across multiple jurisdictions to pursue all individuals involved and bring them to justice.”

According to Percoco, the firm recently received a tip that a video was made showcasing sensitive customer information from its internal systems. That tip follows a February 2025 security incident in which a similar video, containing customer information, was shared on a “criminal forum.” 

In each instance, the individual involved from within the company was identified. No customer funds were at risk, Percoco said, and internal systems were not breached. 

“Since then, we have been collaborating with industry partners and law enforcement to investigate and disrupt insider recruitment efforts targeting not only crypto companies, but also gaming and telecommunications organizations,” said Percoco. 

The firm’s security executive approximated that around 2,000 individuals potentially had their information viewed, and anyone at risk has already been contacted. The criminals are allegedly threatening to share that information with local media and across social media networks if Kraken does not comply with their demands. 

Additional details about the incident are not being shared by the firm at the time, due to the ongoing investigation. A representative for the firm did not immediately respond to Decrypt’s requests for comment.

In his statement, Percoco said he believes there is sufficient evidence to identify and arrest the malicious actors. 

The extortion attempt comes at a time when wrench attacks, or physical attacks in order to gain access to a victim’s crypto holdings, have jumped more than 75% year-over-year. Last year alone, more than $40 million in confirmed losses were attributed to wrench attacks, according to a report from CertiK, following headlines detailing grisly attacks on industry workers and investors.

Kraken confidentially filed for IPO in November of last year, but quietly delayed those plans this year due to difficult crypto market conditions, according to a March report from CoinDesk.

Last year, its publicly traded competitor Coinbase indicated that it had suffered a major data breach that impacted more than 69,000 customers at the end of 2024. The exploit was the result of criminals bribing Coinbase’s customer support agents for access to names, addresses, and more.

The UK’s AI Security Institute evaluated Anthropic’s Claude Mythos Preview to assess its purportedly substantial cybersecurity capabilities, finding the AI model can autonomously execute sophisticated cyber attacks with unprecedented success rates.

The existence of Claude Mythos was first revealed in late March via a website leak, with Anthropic confirming that the powerful next-generation model is capable of finding and exploiting cybersecurity exploits at a level never seen before by any available AI model. It purportedly found serious exploits in current web browsers and operating systems.

Rather than release the model publicly, Anthropic has offered limited access to dozens of security research firms to test the model and prepare for its advanced capabilities. Last week, U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell reportedly warned bank executives about the looming security threat posed by Claude Mythos.

The AI Security Institute’s test results, released Monday, show that there’s real substance behind the hype. The evaluation showed that Mythos Preview succeeded 73% of the time on expert-level capture-the-flag tasks—challenges that no AI model could complete before April 2025, it said. 

The threat could prove substantial and wide-ranging, though the technology could be used to find and fix vulnerabilities, rather than just exploit them. For crypto infrastructure operators, such advancing AI capabilities represent a new category of potential security threat as AI systems gain the ability to independently probe and exploit network vulnerabilities.

Mythos Preview became the first AI model to complete “The Last Ones” (TLO), the AI Security Institute said—a 32-step corporate network attack simulation that typically requires humans 20 hours to finish. The model succeeded in three out of 10 attempts, averaging 22 of 32 steps completed across all runs.

The simulation spans initial reconnaissance through full network takeover, mimicking real-world corporate intrusions. Claude Opus 4.6, the next-best-performing model, averaged only 16 steps. The UK institute noted that Mythos Preview’s performance continues to scale with increased computational resources, using up to 100 million tokens per evaluation run.

When explicitly directed and given network access in controlled evaluations, the model demonstrated abilities to execute multi-stage attacks and discover vulnerabilities without human guidance.

The advancement marks a dramatic escalation from just two years ago, when AI models struggled with basic cybersecurity exercises. The UK AI Safety Institute, which has tracked these capabilities since 2023, documented this rapid progression from beginner-level tasks to expert-level autonomous attacks.

For the crypto ecosystem, where smart contract vulnerabilities and exchange hacks already cost billions annually, AI-powered attacks could amplify existing risks. DeFi or decentralized finance protocols, which often rely on complex interconnected systems, may face particular exposure to automated exploitation attempts that can analyze and attack multiple vectors simultaneously.

Crypto investment products surged back to life last week as improving macro conditions triggered a sharp reversal in institutional sentiment, according to data released Monday by asset manager CoinShares.

The $1.1 billion in weekly inflows marked the strongest weekly performance since early January, with tentative ceasefire developments in Iran and softer-than-expected US CPI data restoring investor confidence, according to James Butterfill, head of research at CoinShares.

U.S. investors dominated the return to crypto, accounting for $1.06 billion or 95% of global flows. U.S. spot Bitcoin ETFs captured the bulk of this activity with $833.2 million in weekly inflows, according to Farside Investors data. Trading volumes rose 13% week-over-week to $21 billion, per CoinShares, though this remains well below the year-to-date average of $31 billion, suggesting room for further recovery.

The inflow surge revealed sophisticated institutional positioning as investors simultaneously increased both bullish bets and downside hedges.

While Bitcoin funds globally attracted $871 million and Ethereum saw $196.5 million last week after three weeks of outflows, short-Bitcoin products recorded $20.2 million in inflows—their highest weekly total since November 2024. This dual positioning suggests institutions are adding crypto exposure while maintaining protection against potential volatility.

Last week’s performance brought Bitcoin’s year-to-date inflows to just under $2 billion, representing 83% of the $2.3 billion in total crypto ETP inflows recorded in 2026 so far. Ethereum remains one of the few assets in negative territory for the year with cumulative outflows of $130 million, despite its recent weekly recovery. The broader inflow surge has lifted total assets under management to levels not seen since early February.

XRP funds led the way the previous week with nearly $120 million worth of inflows, even outpacing Bitcoin funds during that week—but XRP investments fell to $19.3 million last week, per the CoinShares report.

Last week’s institutional crypto surge follows five consecutive weeks of outflows totaling $4 billion that had dampened market sentiment through March.

Amid last week’s rebound came the launch of Morgan Stanley’s Bitcoin ETF, which pulled in nearly $62 million in investments last week after its Wednesday launch, per Farside Investors.

The firm has already filed for Ethereum and Solana ETFs, as well, and Morgan Stanley’s Amy Oldenburg told Decrypt last week that the firm also plans to explore crypto offerings like a tokenized money market fund and tax-harvesting services for clients.