
US SEC and CFTC Issue Joint Interpretive Guidance on Crypto Assets 

Signage is seen outside of the US Commodity Futures Trading Commission (CFTC) in Washington, D.C., U.S., August 30, 2020. REUTERS/Andrew Kelly

The U.S. Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) have issued a joint interpretive guidance clarifying the application of federal securities laws to certain crypto assets and related transactions.

This marks a significant shift toward regulatory clarity in the U.S. digital asset space, following years of uncertainty and enforcement-focused approaches under prior leadership. Most crypto assets are not securities: SEC Chairman Paul Atkins explicitly stated that the interpretation “acknowledges what the former administration refused to recognize—that most crypto assets are not themselves securities.”

This applies to the assets themselves in many cases, distinguishing them from investment contracts that might trigger securities laws. The guidance provides a framework often described as a “token taxonomy” for classifying digital assets, including categories like commodities, utility tokens, collectibles, stablecoins, and securities.

It addresses how a “non-security crypto asset” (one not inherently a security) can become subject to securities laws if involved in an investment contract via Howey Test factors, and how such status can end when issuer promises are fulfilled or fail. Specific activities clarified as generally outside securities regulation include staking, airdrops, protocol mining, wrapping of non-security assets, and secondary market trading of many tokens.

The CFTC aligns with this view and confirms it will administer the Commodity Exchange Act (CEA) consistently, treating many non-security crypto assets as commodities under its jurisdiction. This builds on earlier 2025-2026 efforts, including a Memorandum of Understanding (MOU) between the SEC and CFTC to harmonize oversight, reduce turf issues, and support innovation, and the joint “Project Crypto” (SEC) and “Crypto Sprint” (CFTC) initiative for coordinated regulation.

Reports indicate the guidance classifies major tokens like Bitcoin, Ether, Solana, XRP, Cardano, and others as non-securities and digital commodities (at least 16 named in some coverage). This is seen as a pro-innovation move, providing clearer jurisdictional lines between the SEC and CFTC.

By clarifying that most crypto assets are not securities and providing a structured “token taxonomy,” it ends much of the prior enforcement-heavy uncertainty under the Howey Test. This has broad implications across markets, innovation, compliance, and global competitiveness.

The guidance has been viewed as strongly pro-crypto, boosting investor confidence and reducing perceived regulatory risk for non-security tokens. While immediate price surges were muted, analysts describe it as removing a major overhang. Long-term effects include increased institutional adoption and capital inflows, as clearer lines encourage participation from traditional finance; potential for higher valuations of major tokens classified as digital commodities; and reduced fear of SEC enforcement actions, which previously suppressed activity and drove projects offshore.

Market reaction has been positive but cautious, with commentary highlighting this as a step toward the U.S. becoming the crypto capital of the world.

The SEC focuses primarily on “digital securities”, while the CFTC oversees most others as commodities under the Commodity Exchange Act. This reduces turf wars and duplicative oversight, building on the March 11, 2026, Memorandum of Understanding (MOU) and Joint Harmonization Initiative. Safe harbors and innovation exemptions anticipated: Chairman Atkins indicated upcoming proposals for “bespoke pathways” for capital raising with investor protections, plus temporary exemptions for novel platforms.

Eased compliance: activities like staking, airdrops, protocol mining, wrapping non-security assets, and secondary trading of many tokens are generally outside securities laws, lowering barriers for DeFi, layer-1 protocols, and on-chain innovation.

End of regulation by enforcement: the approach shifts to transparent guidance and rulemaking, superseding prior staff statements and reducing litigation risk. Projects can build domestically without constant SEC scrutiny, fostering growth in DeFi, NFTs (as digital collectibles), utility tokens (as “digital tools”), and stablecoins.

Token taxonomy framework: Divides assets into categories like digital commodities, collectibles, tools, stablecoins, and securities—providing a roadmap for issuers to design compliant products. Support for on-chain activities: Clarifications enable broader staking, mining, and wrapping without triggering registration requirements.

Global competitiveness: Aligns with goals to attract talent and capital back to the U.S., countering offshore migration during prior uncertainty. This complements ongoing congressional efforts by providing interim clarity via existing authority. It signals coordinated oversight between agencies, potentially streamlining future rules for exchanges, intermediaries, and tokenized assets.

The guidance is seen as a foundational win for the crypto sector—offering the “regulatory sanity” long demanded—while still requiring case-by-case review as it’s interpretive, not binding law. This could accelerate mainstream integration of digital assets into U.S. finance.

Market participants are advised to review the full interpretation for their specific cases, as it reflects agency views rather than new binding rules (though highly influential). This development has been widely covered as a landmark step toward regulatory sanity in the sector.

Bitrefill Releases Post-Mortem after it Suffered Significant Cyberattack 


The cryptocurrency payments and gift card platform Bitrefill suffered a significant cyberattack. The company disclosed the incident in a detailed post-mortem. The attack began with a compromised employee laptop (likely via malware or phishing), which allowed access to legacy credentials and parts of the internal infrastructure.

Attackers gained access to production keys, drained funds from hot wallets, and made unauthorized and suspicious purchases through supplier channels. Approximately 18,500 purchase records were accessed, exposing limited customer data such as email addresses, crypto payment addresses, and metadata (e.g., IP addresses).

Some reports mention around 1,000 additional records with encrypted customer names potentially affected, but sensitive data like full payment details or passwords were not stored on Bitrefill’s systems; they use external providers for much of that. No widespread full account takeovers or major private key exposures for users were reported.

Attribution to North Korea’s Lazarus Group: Bitrefill and independent analyses pointed strongly to the Lazarus Group (also associated with subgroups like Bluenoroff), a notorious North Korean state-sponsored hacking collective known for high-profile crypto thefts. Evidence cited includes similar malware patterns and tactics; reused infrastructure (specific IP addresses and email addresses tied to prior attacks); and on-chain tracing of stolen funds matching Lazarus and Bluenoroff behavior.

The company collaborated with law enforcement and cybersecurity experts during the response. Bitrefill has since enhanced security measures, isolated affected systems, and resumed operations with added protections.

This incident highlights ongoing risks in the crypto space, especially from sophisticated state-linked actors targeting hot wallets and employee endpoints. No massive user fund losses were reported beyond the company’s hot wallets.

The Lazarus Group (also known as Hidden Cobra, APT38, or subgroups like BlueNoroff and TraderTraitor) is a North Korean state-sponsored cyber threat actor linked to the Reconnaissance General Bureau. Active since at least 2009, it blends espionage, destructive operations, and financially motivated theft, particularly targeting banks, cryptocurrency platforms, and exchanges to generate revenue and evade sanctions.

Their tactics, techniques, and procedures (TTPs) evolve but follow consistent patterns, mapped extensively in frameworks like MITRE ATT&CK. Here’s a breakdown of their core methods, with emphasis on cryptocurrency-related attacks (relevant to incidents like the recent Bitrefill breach). Lazarus heavily relies on human-targeted vectors rather than purely technical exploits.

Spear-phishing and social engineering: The most common method, often using fake job offers, investment scams, payroll themes, or collaboration lures. Victims download malware via attachments or links. Malware infects employee devices (laptops), exfiltrating credentials or keys. In the Bitrefill case (March 2026), attackers started with a compromised employee laptop to steal legacy credentials, gaining access to production secrets and infrastructure.
Supply chain compromises: Trojanizing legitimate software, injecting malicious packages into open-source repositories (npm/PyPI), or exploiting upstream dependencies.
Watering hole attacks: Compromising sites frequented by targets.
Living-off-the-land techniques: Use of legitimate tools like PowerShell, WMI, or scheduled tasks for execution and persistence.
Heavy obfuscation: Hex-encoding, variable mangling, software packing, and encrypted/encoded files to evade detection.
Multi-stage payloads: Initial droppers fetch further stages from C2 servers (often via legitimate services like GitHub, Dropbox, or Slack for blending).
Exploit vulnerabilities (zero-days or purchased exploits) in software.
Credential dumping.
Registry modifications, run keys, or scheduled tasks for persistence.
System checks, time-based delays.
Fileless techniques and masquerading as legitimate processes.
Steal private keys, wallet seeds, or multisig approvals.
Hot wallet drainage: Direct transfers from compromised wallets, as in Bitrefill, where production keys enabled hot wallet drains and unauthorized purchases via suppliers.

In crypto hacks (Ronin, Harmony, Bybit, KuCoin, etc.):
Focus on centralized exchanges and platforms via employee compromise or supply chain.
Exfiltrate limited but valuable data (emails, addresses, IPs/metadata, similar to Bitrefill’s ~18,500 purchase records exposure).
Reuse infrastructure (IPs, emails, malware patterns) for attribution.

Lazarus shows high discipline: long reconnaissance, modular tools, and adaptation, shifting to open-source supply chains in 2025+. They fund North Korea’s regime, blending state goals with crime.

Mitigation tips for crypto firms and users:
Enforce MFA/hardware keys for all access.
Segment hot wallets, use cold storage.
Monitor for anomalous logins/credential use.
Train against phishing/social engineering.
Regularly rotate/audit credentials and patch systems.

This group remains one of the most prolific threats in crypto, with billions stolen historically.
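
The "monitor for anomalous credential use" and "rotate/audit credentials" tips, applied to the pattern reported for Bitrefill (legacy credentials reached from a single employee laptop), can be sketched as follows. This is an added example, not code from Bitrefill or the original article; the log format, credential names, host names, rotation policy, and thresholds are all constructed assumptions.

```python
from datetime import datetime, timedelta

MAX_CRED_AGE = timedelta(days=90)     # assumed rotation policy
BURST_WINDOW = timedelta(minutes=10)  # assumed look-back window
BURST_TARGETS = 3                     # distinct production targets per window

# Constructed credential inventory: credential id -> last rotation date.
CREDENTIALS = {
    "svc-payments": datetime(2026, 2, 20),
    "svc-legacy-export": datetime(2024, 6, 1),  # legacy, long unrotated
}

# Constructed auth log, one event per line: timestamp credential source target
SAMPLE_LOG = """\
2026-03-01T09:00:00 svc-payments build-01 prod-api
2026-03-01T09:05:00 svc-legacy-export batch-02 prod-reports
2026-03-02T09:05:00 svc-legacy-export batch-02 prod-reports
2026-03-03T02:14:00 svc-legacy-export laptop-emp17 prod-reports
2026-03-03T02:16:00 svc-legacy-export laptop-emp17 prod-wallet
2026-03-03T02:19:00 svc-legacy-export laptop-emp17 prod-suppliers
2026-03-03T09:00:00 svc-payments build-01 prod-api
"""

def parse(log):
    for line in log.strip().splitlines():
        ts, cred, src, target = line.split()
        yield datetime.fromisoformat(ts), cred, src, target

def detect(log, credentials, baseline_until):
    """Return (timestamp, credential, source, rules) for suspicious events.

    Events up to baseline_until only build the per-credential set of
    known sources; later events are checked against three rules.
    """
    known = {}     # credential -> sources seen during the baseline
    recent = {}    # (credential, source) -> [(timestamp, target)]
    findings = []
    for ts, cred, src, target in parse(log):
        if ts <= baseline_until:
            known.setdefault(cred, set()).add(src)
            continue
        rules = []
        rotated = credentials.get(cred)
        if rotated is None:
            rules.append("unknown-credential")
        elif ts - rotated > MAX_CRED_AGE:
            rules.append("stale-credential")
        if src not in known.get(cred, set()):
            rules.append("new-source")
        # Keep only this credential/source pair's events inside the window.
        window = [e for e in recent.get((cred, src), [])
                  if ts - e[0] <= BURST_WINDOW]
        window.append((ts, target))
        recent[(cred, src)] = window
        if len({t for _, t in window}) >= BURST_TARGETS:
            rules.append("target-burst")
        if rules:
            findings.append((ts.isoformat(), cred, src, rules))
    return findings

if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG, CREDENTIALS, datetime(2026, 3, 2, 23, 59, 59)):
        print(finding)
```

An event that trips all three rules at once (an unrotated credential, from a host never seen using it, fanning out across production targets) is the one to page on; a stale credential on its own is a rotation backlog item.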

Tether Makes Breakthrough Advancing Local Private AI on Consumer Cell Phones


Tether, the company behind the USDT stablecoin, has made a significant breakthrough in advancing local, private AI capabilities directly on consumer cell phones and other everyday devices.

Tether announced the launch of an enhanced version of their QVAC Fabric framework. This is described as the world’s first cross-platform LoRA (Low-Rank Adaptation) fine-tuning framework specifically optimized for Microsoft’s BitNet models (1-bit quantized large language models). The key innovation dramatically lowers memory and compute demands (achieving reductions of over 70% in some cases), allowing billion-parameter AI models to be fine-tuned (customized/trained on personal data) and run inference locally on hardware like modern smartphones (e.g., iPhone 16, Samsung Galaxy S25), consumer laptops and desktops, and standard GPUs, including AMD, Intel, Apple Silicon, and mobile GPUs like Qualcomm Adreno or Apple Bionic.

This enables fully on-device AI training and personalization without any cloud dependency, meaning your data never leaves your phone, maximizing privacy and enabling offline use.

Previous QVAC developments starting in late 2025 included tools like QVAC Workbench (a local AI app for running and training models) and earlier Fabric versions for inference on heterogeneous hardware. This latest release builds on those by integrating BitNet’s ultra-efficient 1-bit architecture with LoRA, making high-level customization feasible on phones for the first time.

Tether’s engineers demonstrated real-world results, such as fine-tuning models up to 1 billion parameters in under two hours on flagship phones, and supporting up to 13 billion parameters in some cases. The framework is open-source, cross-platform, and positions Tether as a push toward decentralized, privacy-first AI infrastructure—countering centralized cloud providers.

This move aligns with Tether CEO Paolo Ardoino’s vision of “local private AI that can truly serve the people,” expanding the company beyond stablecoins into broader tech ecosystems, including potential integrations with mobile hardware partners.

It’s being hailed as a step toward truly personal, offline AI assistants that learn from your data securely in your pocket, with big implications for privacy, edge computing, and reducing reliance on Big Tech clouds.

LoRA (Low-Rank Adaptation) is a very popular and efficient technique for fine-tuning large language models and other neural networks without needing to update every single parameter in the model.

It was introduced in a 2021 paper by Microsoft researchers (“LoRA: Low-Rank Adaptation of Large Language Models”) and has become one of the go-to methods for customizing big models like Llama, Mistral, GPT-style models, BitNet, and others — especially on limited hardware like consumer GPUs, laptops, or even phones as seen in recent frameworks like Tether’s QVAC Fabric.

Full fine-tuning of a large model is extremely expensive: a 7B parameter model has ~7 billion weights, and a 70B model has ~70 billion. Updating all of them requires massive VRAM (often 100+ GB even with tricks like quantization), huge compute, and long training times.

It also risks “catastrophic forgetting” where the model loses too much of its general knowledge. LoRA solves this by making fine-tuning parameter-efficient. When you fine-tune a large pre-trained model on a new task/dataset, the change in the weight matrices (let’s call it ΔW) is often low-rank.

In other words, even though the original weight matrix W is huge and full-rank, the update needed for adaptation can be approximated very well by a much smaller, lower-dimensional change.

Instead of learning the full ΔW (which would be the same size as W), LoRA learns two tiny matrices A and B such that:

ΔW ≈ B × A

Where:
Original weight matrix in a layer: W (size d × k, e.g., 4096 × 4096 in many transformers).
A is initialized randomly (usually with small values), size d × r.
B starts as zeros (so ΔW starts at zero, no change at the beginning), size r × k.
r is the rank: a small number you choose (very important hyperparameter, typically 4, 8, 16, 32, or 64), much smaller than d or k.

During forward pass, instead of just using W, the model computes:

W’ = W + (B × A)

or more precisely:

h = Wx + (B × (A × x)), scaled by some factor α

The original W stays frozen (never updated, no gradients). Only A and B are trained → number of trainable parameters drops dramatically (often 0.1%–1% of full fine-tuning).

Quick math example: Suppose a weight matrix W is 4096 × 4096 = ~16.8 million parameters. With LoRA rank r = 16:
A: 4096 × 16 = ~65k params.
B: 16 × 4096 = ~65k params.
Total trainable: ~130k (instead of 16.8M) → ~0.8% of original.

Yet in practice, LoRA with reasonable rank often matches or even beats full fine-tuning quality on many tasks.

Key advantages of LoRA:
Much lower memory: you can fine-tune 70B models on a single 24GB GPU or even larger with quantization like QLoRA.
Faster training: fewer parameters to update.
Small adapter files: a LoRA for a 70B model is often just 10–200 MB instead of 140 GB.
Easy to merge/switch: you can keep many LoRAs (one per task/personality/style) and merge them into the base model or swap them at inference time with almost no overhead.
No extra inference latency after merging (though some implementations keep a tiny overhead if not merged).
Works great with quantization.

Common hyperparameters in LoRA:
rank (r): The bottleneck size. Higher = more expressive (but more params and memory). Start with 8–32.
alpha (α): Scaling factor for the update (often α = 2×r or similar). Controls how strong the adaptation is.
Sometimes added to A/B matrices.
target modules: Which layers to apply LoRA to (usually attention Q, V, sometimes O, MLP, etc.).

In frameworks like Hugging Face PEFT, bitsandbytes, or Tether’s QVAC Fabric (optimized for BitNet and mobile), you just set these and it handles injecting the adapters.

In short: LoRA lets you “personalize” massive AI models very cheaply and privately — exactly why it’s a breakthrough for running customized, local AI on phones and consumer devices without sending your data to the cloud.
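
The forward pass, frozen W, zero-start update, merge step, and parameter count described above, as a small pure-Python sketch. This is an added example, not code from QVAC Fabric, PEFT, or the original article. It assumes the shapes under which B × (A × x) is defined (A is r × k, B is d × r) and an α/r scaling; the toy sizes, input, and target are constructed.

```python
import random

def matvec(M, x):
    return [sum(m * v for m, v in zip(row, x)) for row in M]

def matmul(P, Q):
    cols = list(zip(*Q))
    return [[sum(p * q for p, q in zip(row, col)) for col in cols] for row in P]

class LoRALinear:
    """Frozen W (d x k) plus a trainable low-rank update scale * (B x A)."""

    def __init__(self, W, r, alpha, seed=0):
        rng = random.Random(seed)
        d, k = len(W), len(W[0])
        self.W, self.r, self.scale = W, r, alpha / r
        # A: small random values; B: zeros, so the update starts at zero.
        self.A = [[rng.gauss(0, 0.01) for _ in range(k)] for _ in range(r)]
        self.B = [[0.0] * r for _ in range(d)]

    def forward(self, x):
        # h = Wx + scale * B(Ax); the d x k product B x A is never built.
        delta = matvec(self.B, matvec(self.A, x))
        return [w + self.scale * dl for w, dl in zip(matvec(self.W, x), delta)]

    def merged(self):
        # W' = W + scale * (B x A), for inference without the adapter path.
        BA = matmul(self.B, self.A)
        return [[w + self.scale * u for w, u in zip(wr, ur)]
                for wr, ur in zip(self.W, BA)]

    def sgd_step(self, x, grad_h, lr):
        # Gradients reach only A and B; W receives no update.
        Ax = matvec(self.A, x)
        Bt_g = [sum(row[j] * g for row, g in zip(self.B, grad_h))
                for j in range(self.r)]
        for row, g in zip(self.B, grad_h):
            for j in range(self.r):
                row[j] -= lr * self.scale * g * Ax[j]
        for j, row in enumerate(self.A):
            for c, xc in enumerate(x):
                row[c] -= lr * self.scale * Bt_g[j] * xc

def trainable_fraction(d, k, r):
    return (d * r + r * k) / (d * k)

def loss(layer, x, target):
    return 0.5 * sum((h - t) ** 2 for h, t in zip(layer.forward(x), target))

def demo(steps=300, lr=0.05):
    rng = random.Random(1)
    d, k, r = 6, 5, 2                          # toy sizes (constructed)
    W = [[rng.uniform(-1, 1) for _ in range(k)] for _ in range(d)]
    frozen = [row[:] for row in W]
    layer = LoRALinear(W, r=r, alpha=2 * r)
    x = [1.0, -0.5, 0.25, 0.0, 0.5]            # constructed input
    same_at_init = layer.forward(x) == matvec(W, x)
    target = [h + 0.5 for h in matvec(W, x)]   # behaviour to adapt towards
    before = loss(layer, x, target)
    for _ in range(steps):
        grad_h = [h - t for h, t in zip(layer.forward(x), target)]
        layer.sgd_step(x, grad_h, lr)
    after = loss(layer, x, target)
    gap = max(abs(a - b) for a, b in
              zip(matvec(layer.merged(), x), layer.forward(x)))
    return {"same_at_init": same_at_init, "before": before, "after": after,
            "w_frozen": layer.W == frozen, "merge_gap": gap}

if __name__ == "__main__":
    print(demo(), trainable_fraction(4096, 4096, 16))
```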

PayPal Expands Access to its Dollar-backed Stablecoin to 70 Markets Worldwide


PayPal has recently expanded access to its dollar-backed stablecoin, PayPal USD (PYUSD), making it available in 70 markets worldwide.

This marks a significant global push for PYUSD, which was previously limited primarily to users in the United States and United Kingdom since its launch in 2023. The expansion adds around 68 new countries and regions, covering parts of Asia-Pacific, Europe, Latin America, North America, South America, Africa, and other areas.

Users in these 70 markets can now buy, hold, send, receive, and in many cases earn rewards on PYUSD directly within their PayPal accounts. PYUSD enables faster settlements, lower-cost cross-border transfers (compared to traditional methods), and easier participation in the global economy by reducing fees and currency conversion issues.

The stablecoin is federally regulated in the US, fully backed by USD deposits and Treasuries, and supports transfers to third-party wallets or conversion to local currencies in supported areas. PayPal operates in roughly 200 countries overall, so this rollout covers a subset, with additional markets expected to gain access in the coming weeks.

Examples of included countries and regions: Colombia, Peru, Guatemala, Honduras, Panama, Costa Rica, Dominican Republic (Latin America/South America). Uganda (Africa). Singapore (Asia-Pacific). United Kingdom and United States (pre-existing). Others like Faroe Islands and Greenland.

PayPal’s head of crypto, May Zabaneh, emphasized that this move provides “faster access to funds, lower-cost ways to send money across borders, and a more direct path to participating in the global economy.” PYUSD’s market cap has grown substantially, reflecting increasing adoption. Users can check availability directly in the PayPal app, as rollout may vary slightly by location.

This positions PayPal as a major player in bridging traditional finance with stablecoins for everyday global payments. This move transforms PYUSD from a primarily U.S./U.K.-focused product (launched in 2023) into a more globally accessible, dollar-backed stablecoin integrated directly into PayPal’s ecosystem of hundreds of millions of users.

Traditional international remittances often involve high fees (5-7% in many corridors) and multi-day settlement times. PYUSD enables near-instant or minutes-fast transfers with significantly lower costs, particularly benefiting regions like Latin America. This directly addresses pain points in high-remittance economies.

In many emerging markets, users gain easier access to USD-pegged value storage without immediate currency conversion. Eligible holders can earn rewards similar to the ~4% in the U.S., introducing a “balance + earnings” model in PayPal wallets—essentially turning stablecoin holdings into a yield-bearing option.

Individuals in these 70 markets can buy, hold, send, receive, and transfer PYUSD to external wallets, reducing friction for freelancers, small businesses, or families relying on international payments. Merchants accepting PYUSD get proceeds available in minutes vs. days/weeks traditionally, aiding cross-border operations and global commerce participation.

Reduced reliance on costly legacy systems could boost margins for e-commerce sellers and international suppliers. As a federally regulated (U.S.) stablecoin fully backed by USD deposits and Treasuries, PYUSD offers compliance-friendly entry into crypto for businesses wary of unregulated options.

With PYUSD’s market cap already around $4-4.1 billion, this rollout aims to build the “liquidity, utility, and ubiquity” needed for mainstream use. It positions PayPal as a key player in competing with dominant issuers like Tether (USDT) and Circle (USDC) by leveraging its massive user base (~430 million active accounts).

PayPal’s push validates stablecoins for everyday global payments, accelerating integration with traditional finance. It highlights how fintech giants are racing to capture remittance and settlement flows—especially as competitors like Visa/Mastercard build blockchain layers.

While promising, success depends on regulatory alignment in each market, competition from established stablecoins, and user trust in centralized custody. Rollout is phased, with more markets expected soon, but full global coverage (PayPal operates in ~200 countries) remains incomplete.

This expansion accelerates the convergence of fiat payments and crypto rails, potentially reshaping cross-border finance by making dollar-based digital money more inclusive, efficient, and rewarding—especially in underserved regions.

PayPal’s head of crypto, May Zabaneh, framed it as driving “commerce forward for everyone” by tackling outdated systems. Adoption will hinge on real-world usage growth in the coming months.

Joe Kent Resignation from NCTC Projects Falling Inner Support within Trump’s Administration 


Joe Kent, the Director of the National Counterterrorism Center (NCTC), has resigned in protest over the ongoing U.S. war with Iran under President Donald Trump. Kent, a decorated veteran, former CIA paramilitary officer, and longtime Trump supporter, announced his resignation on March 17, 2026.

In a public letter posted on X, he stated that he could not “in good conscience” continue supporting the conflict. He claimed: Iran posed no imminent threat to the United States. The U.S. “started this war due to pressure from Israel and its powerful American lobby.” The administration had been influenced by a “misinformation campaign.”

He urged Trump to “reverse course” and expressed concern about sending American troops into an unnecessary war. This marks the first high-profile resignation from within Trump’s administration over the Iran conflict, which appears to involve U.S.-backed or -led military actions including strikes alongside Israel, now in its third week or so based on reports.

Kent’s departure highlights emerging divisions within Trump’s base and national security circles regarding the justification and escalation of the war.

AP News coverage emphasized his view that Iran was not an imminent threat and noted the protest against the U.S. war on Iran. Trump has reportedly downplayed the resignation, with some coverage indicating he appears unfazed, though figures like Steve Bannon have commented on potential ongoing fallout.

The resignation coincides with other developments in the conflict, such as Israeli strikes killing senior Iranian figures. It has sparked discussions about internal dissent, potential risks to U.S. security focus, and broader implications for the administration’s foreign policy.

Steve Bannon has commented on the fallout from Joe Kent’s resignation as Director of the National Counterterrorism Center (NCTC), framing it as a serious issue that “isn’t going away” and signaling deeper divisions within the MAGA/Trump base over the Iran war.

Key points from reports and coverage: Bannon warned that the resignation and Kent’s claims represent ongoing tension.

He emphasized the need for “answers” as the fallout continues to unfold, suggesting this highlights unresolved questions about how the conflict escalated and who influenced the decision-making. This aligns with Bannon’s broader “America First” skepticism toward Middle East interventions, particularly any perceived shifts away from Trump’s original objectives.

Earlier War Room commentary from Bannon (pre-resignation) criticized how the conflict “shifted” due to Israeli actions, arguing Israel is a “protectorate” whose moves must align with U.S. goals—not dictate them. Some coverage notes indirect support or sympathy from Bannon-aligned figures.

For instance, Grace Chong, a close Bannon associate and War Room contributor, praised Kent’s stand as “REAL COURAGE” and true “putting America first.” However, Bannon himself has not issued a direct, lengthy public endorsement or condemnation of Kent personally in the immediate aftermath. His comments focus more on the broader implications for the administration, the base, and the war’s direction, warning of persistent dissent rather than dismissing or attacking Kent outright.

Trump allies and administration figures have largely turned against Kent, calling him a “crazed egomaniac” or similar in smears, while isolationist voices see his exit as exposing internal rifts. Bannon appears to position the episode as evidence that criticism from the anti-interventionist wing won’t fade quietly.

This comes amid mixed reactions: Trump downplayed the resignation, some MAGA hardliners called it “good riddance,” and others, including Bannon’s circle, view it as a principled stand against unnecessary escalation. Bannon’s take underscores potential ongoing “fallout” in terms of base fractures, demands for transparency, and questions about foreign influence on U.S. policy.

No major new direct Bannon statement has surfaced in the last day, but his War Room platform has historically amplified similar concerns about the Iran conflict’s trajectory.