The Democratic People’s Republic of Korea (DPRK) continues to pose the most significant nation-state threat to cryptocurrency security, achieving a record-breaking year for stolen funds despite an assessed dramatic reduction in attack frequency.

A report by Chainalysis reveals that North Korean hackers stole $2.02 billion in cryptocurrency in 2025, a 51% year-over-year increase, pushing their all-time total to $6.75 billion despite fewer attacks.

North Korean threat actors are increasingly achieving these outsized hacks often by embedding IT workers one of DPRK’s principal attack vectors inside crypto services to gain privileged access and enable high impact compromises.

Fueled in large part by the historic $1.5 billion breach of Dubai-based exchange Bybit in February the largest single heist on record these sophisticated operations highlight Pyongyang’s growing reliance on cyber theft to bypass international sanctions and fund its nuclear and missile programs, as noted by the United Nations and U.S. authorities.

With fewer but far more impactful attacks, often involving social engineering, insider infiltration, and targeted compromises of centralized platforms, North Korea has solidified its position as the dominant force in high-stakes crypto crime, pushing its cumulative known thefts since tracking began to approximately $6.75 billion.

While no major incidents were publicly reported in January, the year saw significant escalations in high-value thefts and broader espionage.

In February 2025, the largest single crypto heist in history occurred on February 21, when hackers stole approximately $1.5 billion in Ethereum from the Dubai-based exchange Bybit. U.S. authorities, including the FBI’s Internet Crime Complaint Center (IC3), attributed this to North Korea, citing the exploitation of vulnerabilities in third-party software. This incident alone accounted for a significant portion of the year’s total thefts and highlighted North Korea’s advanced capabilities in targeting centralized exchanges.

In April, North Korean cyber espionage expanded beyond crypto, with reports of increased infiltration targeting European defense and government sectors. This included attempts to steal sensitive technology and intelligence, potentially to support missile programs.

While not a direct “hack” in the theft sense, these operations violated UN sanctions and marked a broadening of North Korea’s cyber strategy.

On November 27, South Korea’s Upbit exchange suffered a $30–36 million theft from its Solana hot wallet, draining assets like SOL, USDC, BONK, JUP, and others. Forensic analysis linked the attack to North Korea’s Lazarus Group, noting similarities to their 2019 Upbit hack (including the exact anniversary timing).

South Korean authorities launched an on-site investigation, and Upbit committed to full user reimbursement from its reserves.

– December: Early-month reports confirmed North Korea’s role in the Upbit incident, with experts noting it as part of a pattern targeting South Korean exchanges.

Broader discussions highlighted North Korea’s exploitation of Android zero-days to target crypto exchanges and IT engineers, alongside a major exposure of 400,000 secrets in the “Shai Hulud 2.0” attack (though direct attribution to North Korea was not confirmed).

By mid-December, Chainalysis released its annual report, quantifying the $2 billion+ in 2025 thefts and noting Amazon’s blocking of 1,800 fake North Korean IT workers as part of broader countermeasures. Speculation arose about potential large-scale infrastructure attacks, but no confirmed incidents occurred by December 20.

Overall, 2025’s activities were dominated by crypto-focused hacks, with the Bybit and Upbit incidents standing out. Other thefts likely filled the gap to reach the $2 billion total, but details remain sparse due to the covert nature of these operations.

In a landmark victory capping a legal saga that has spanned nearly three decades, Telecom Italia (TIM), Italy’s former telecommunications monopoly, has won a final ruling from the country’s Supreme Court entitling it to a reimbursement of approximately €1 billion ($1.2 billion) from the Italian government.

The decision, confirmed by TIM in a statement on Saturday, resolves a contentious dispute over a 1998 concession fee imposed during the liberalization of Italy’s telecom sector, providing a much-needed financial lifeline to the debt-burdened company amid ongoing restructuring. The origins of the case trace back to 1997, when Italy deregulated its telecommunications market, shifting from a monopolistic framework to open competition.

Despite this, TIM—then operating as Telecom Italia and its mobile arm TIM Mobile—was required to pay a license fee of €528.7 million in 1998, comprising €385.9 million for Telecom Italia and €142.8 million for TIM Mobile. The company argued the fee was illegitimate post-deregulation and sued the state for recovery. Lower courts ruled in TIM’s favor, ordering repayment, but the government appealed, prolonging the battle through multiple judicial levels until the Corte di Cassazione, Italy’s highest court, upheld the reimbursement on December 20, 2025.

The awarded sum is roughly double the original fee, inflated by revaluation and accrued interest over the years. Sources familiar with the matter, as reported by Reuters and Bloomberg, emphasized that the ruling makes the repayment binding, ending what has been described as one of Italy’s most protracted corporate litigations. TIM’s official confirmation aligned with these accounts, though the company has yet to release a detailed press statement on its website.

Financially, the windfall arrives at a critical juncture for TIM, which has grappled with substantial debt and operational challenges in recent years. As of June 30, 2025, the group’s adjusted net financial debt after lease stood at €7.5 billion, stable from prior quarters but reflective of broader pressures in a mature, competitive market. The company reported a net loss of €132 million for the first half of 2025, an improvement from previous periods, with revenues and earnings showing upward trends—bolstered by a positive operational cash flow of €482 million.

TIM halted dividend payments in 2022 to conserve cash amid these strains, but the reimbursement is poised to facilitate their resumption. A key strategic implication of the payout is the acceleration of TIM’s plan to dismantle its dual-class share structure. Savings shares, which guarantee holders a minimum dividend and represent about 28% of the company’s capital, have been a costly legacy feature.

CEO Pietro Labriola, who has spearheaded the company’s turnaround since taking the helm, views the funds as instrumental in phasing out these shares through conversion to ordinary stock. Two sources with knowledge of the matter indicated that the board could discuss this conversion as early as its meeting on December 29, 2025. Analysts suggest this move would simplify TIM’s capital structure, reduce financial burdens, and enhance its appeal to investors.

The ruling’s broader context underscores TIM’s ongoing restructuring efforts. In 2025, the company advanced a major asset sale, divesting a stake in its fixed-line network (Netco) to U.S. private equity firm KKR, a transaction aimed at slashing debt and funding 5G expansions. This deal, part of a wider strategy to streamline operations, has been hailed as a pathway to long-term consolidation in Europe’s telecom sector.

Labriola has publicly welcomed potential M&A activity among rivals, stating in November 2025 that such moves could create a “more balanced and rational” market. Recent analyst upgrades, including from Deutsche Bank in October 2025, have driven TIM’s stock up 6.8% at times, citing evidence of improved free cash flow and sector-wide consolidation prospects.

Market reaction to the court decision has been muted so far, likely due to the ruling falling on a Saturday, with European markets closed over the weekend. Historical precedents offer clues: In January 2025, TIM shares rose modestly by 0.5% after an appeals court rejected a government request to suspend the payment, while a May 2025 delay in proceedings triggered a 5.7% drop.

On the government side, officials have downplayed fiscal fallout. The 2026 budget already earmarks €2.2 billion for national and EU litigation costs, insulating Italy’s push to trim its budget deficit below 3% of GDP. This allocation reflects Rome’s anticipation of adverse rulings in various disputes, ensuring the TIM payout won’t derail broader economic goals.

Given TIM’s financial troubles, the reimbursement that comes with this ruling not only injects vital capital but also signals progress in addressing legacy issues, enabling the company to focus on growth. Analysts expect updates from the December 29 board meeting, which could outline concrete steps toward share conversion and dividend revival.

The Trump administration is moving to clamp down on the U.S. diversity visa lottery program, linking the policy shift to a fatal attack connected to a recipient of the scheme, in what critics describe as the latest use of a violent incident to justify a broader tightening of legal immigration.

The move followed confirmation on Thursday that the suspect in a shooting at Brown University, Claudio Neves Valente, a 48-year-old Portuguese national, had obtained permanent U.S. residency through the diversity visa program. Hours after authorities said Neves Valente was found dead in New Hampshire, Homeland Security Secretary Kristi Noem announced that her department would pause processing diversity visa applications, calling the program “disastrous.”

“To ensure no more Americans are harmed,” Noem said in a post on X, the Department of Homeland Security would halt processing tied to the lottery. She added that Neves Valente “should never have been allowed in our country,” though she did not cite any evidence that he posed a known security risk at the time of his entry in 2017.

The immediate scope and legal reach of the pause remained unclear on Friday. Most diversity visa applicants apply from outside the United States, and the program is administered primarily by the State Department rather than DHS. A department spokesperson nonetheless said the program posed a threat to public safety and that officials were working “to put in place all necessary measures,” without detailing what those measures would involve or how long any suspension might last.

The announcement fits into a broader pattern since Trump returned to the White House in January, having pledged to impose sweeping restrictions on both legal and illegal immigration. In late November, after an Afghan national was accused of attacking U.S. National Guard members, the administration rapidly rolled out new curbs, including halting Afghan immigration processing, ordering reviews of approved asylum cases, and expanding an existing travel ban to cover roughly 20% of countries worldwide.

Administration officials have framed these steps as necessary national security measures. Immigration advocates say they show a consistent strategy of leveraging isolated criminal cases to advance long-standing goals of reducing lawful immigration pathways.

Reuters quoted Jorge Loweree, a managing director at the American Immigration Council, saying the same pattern was now playing out with the diversity visa lottery.

“This isn’t about any one individual,” Loweree said. “What we’re seeing is this administration using these cases, these stories, as a pretext to their own end, which is to target people from countries that they deem to be undesirable.”

The diversity visa program, created by Congress in 1990, makes up to 55,000 immigrant visas available each year to applicants from countries with historically low levels of immigration to the United States. Winners are selected through a lottery system and, once approved, can obtain permanent residency and eventually U.S. citizenship.

The program has long been defended by supporters as a way to broaden the geographic makeup of U.S. immigration, particularly benefiting applicants from parts of Africa, Eastern Europe, and Central Asia.

Trump has opposed the program for years. During his first term, he repeatedly called for its elimination, most notably after a 2017 vehicle-ramming attack in New York City carried out by an Uzbek national who had entered the U.S. through the lottery. That attacker, Sayfullo Saipov, was sentenced in 2023 to eight consecutive life terms.

In the current case, authorities say Neves Valente entered the U.S. in 2017, during Trump’s first presidency. Officials have not indicated that he was flagged for security concerns at the time. He was found dead on Thursday night in a storage facility in Salem, New Hampshire, and is also suspected in the killing of a Massachusetts Institute of Technology professor, Nuno Loureiro, two days after the Brown University shooting. Neves Valente had attended Brown more than 20 years ago and was a former classmate of Loureiro in Portugal.

Data from the State Department, published by Reuters, indicates how rare Portuguese participation in the program has been. Only 118 Portuguese nationals have entered the U.S. through the diversity visa lottery in the past decade. By contrast, the largest recipients in fiscal year 2024 were Nepal, Uzbekistan, Kenya, Egypt, and Russia, with about 41% of diversity visa recipients coming from African countries.

The administration’s move also comes amid existing uncertainty around the program. Even before details of the Brown University suspect’s immigration status became public, registration for the fiscal year 2027 diversity visa lottery, which typically opens in October, had already been delayed. The State Department said in November that changes to the program would push back registration to an unspecified date.

That delay, combined with Noem’s announcement, has heightened concern among immigration lawyers and advocates that the administration may be laying the groundwork for a more permanent rollback, potentially inviting legal challenges given that the program is mandated by Congress.

Now, the episode has reignited a familiar debate in Washington: whether violent acts by individuals should drive broad immigration policy, and whether the diversity visa lottery, a small but symbolically charged program, will once again become a casualty of that fight.

Stellantis CEO Antonio Filosa has issued a blunt warning that the European Union’s latest package of measures for the auto industry could undermine long-term investment in the region, deepening uncertainty for manufacturers already under pressure from weak demand, high costs, and intensifying global competition.

Speaking to the Financial Times in an interview published on Saturday, Filosa said the proposals unveiled by the European Commission earlier this week lack the urgency and coherence needed to revive growth in Europe’s automotive sector, which remains one of the bloc’s most strategically important industries.

“There are none of the urgent measures needed to return the European automotive sector to growth,” Filosa said. “Without growth, it becomes very difficult to think about investing more.”

The Commission’s plan, announced on Tuesday, includes a controversial shift on climate policy by effectively dropping the EU’s planned ban on the sale of new combustion-engine cars from 2035.

The move has exposed deep divisions within the industry and among policymakers. While some automakers and member states argue that easing the rule offers breathing space amid slowing electric vehicle adoption and infrastructure gaps, others fear it dilutes regulatory clarity and weakens Europe’s credibility in the global transition to cleaner transport.

For Stellantis, which operates 14 brands including Peugeot, Fiat, Opel, Citroën, Jeep, and Alfa Romeo, the concern goes beyond the fate of internal combustion engines. Filosa framed the issue as one of strategic certainty and industrial confidence, arguing that frequent policy shifts make it harder for companies to commit capital to European factories, suppliers, and innovation hubs.

He said that without sustained and predictable investment, Europe risks losing its ability to build a resilient automotive supply chain, something he linked directly to employment, competitiveness, and security.

“Without additional investments, it becomes very difficult to build the resilient supply chain that is vital for European jobs, European prosperity and European security,” Filosa told the FT.

In an official statement released after the Commission’s announcement, Stellantis said the proposals failed to tackle several structural challenges facing the sector. The company pointed to the absence of a clear and comprehensive roadmap for light commercial vehicles, a segment that underpins logistics, trades, and small businesses across the continent. It also criticized the lack of flexibility around the EU’s 2030 emissions targets for passenger cars, which it said do not adequately reflect market realities or consumer affordability concerns.

The criticism comes at a delicate moment for Europe’s car industry. Automakers are grappling with slowing vehicle sales, stubbornly high energy and labor costs, and fierce competition from Chinese electric vehicle manufacturers, many of which benefit from lower production costs and strong state backing. At the same time, European manufacturers are being asked to fund multiple transitions at once: electrification, software-driven vehicles, autonomous technologies, and ever-stricter environmental and safety standards.

Industry executives have repeatedly argued that regulation alone cannot drive the transition. They have called for stronger demand-side measures, including purchase incentives, accelerated deployment of charging infrastructure, and policies to lower the cost of energy and raw materials. Without such support, they warn, consumers will delay purchases and manufacturers will struggle to justify large-scale investments.

The contrast with other regions has become increasingly stark. In the United States, the Inflation Reduction Act has unlocked billions of dollars in subsidies and tax credits for electric vehicles, batteries, and clean manufacturing, attracting major investment from global automakers and suppliers. Filosa’s remarks echo a growing concern among European executives that capital could increasingly flow to markets offering clearer incentives and more stable policy frameworks.

While the Commission has argued that its revised approach aims to balance climate goals with industrial competitiveness, Stellantis’ response highlights fears that the package delivers neither decisively. Easing the 2035 combustion-engine deadline may reduce near-term pressure, but Filosa suggested that without a credible growth strategy, it risks prolonging uncertainty rather than resolving it.

As Brussels continues to refine its industrial and climate agenda, the warning from one of Europe’s largest automakers points to the stakes. For companies like Stellantis, the challenge is not only adapting to new technologies, but deciding whether Europe remains a place where long-term automotive investment makes economic and strategic sense.