DD
MM
YYYY

CATEGORIES

PAGES

DD
MM
YYYY

spot_img

CATEGORIES

PAGES

Home Blog Page 37

Recent Article Shows 26 Routers in Clear Suspicious Behavior Involving Injection or Credential Theft 

By
Paul Ugbede Godwin
-
0

A recently published research paper titled “Your Agent Is Mine: Measuring Malicious Intermediary Attacks on the LLM Supply Chain” from researchers at UC Santa Barbara, UC San Diego, and collaborators including blockchain security firm Fuzzland is generating buzz on AI and Crypto forums.

What are LLM routers

LLM routers also called API routers or proxies are intermediary services that sit between your application and AI agent and the actual model providers like OpenAI, Anthropic, Grok/xAI, etc. They often: Aggregate multiple providers for cost optimization, fallback, or load balancing. Handle routing, formatting, or additional features. Are popular in AI agent setups e.g., coding agents like Claude Code, autonomous agents handling tools and APIs.

Many are cheap or free third-party options sold on marketplaces like Taobao, Xianyu, or Shopify, or shared in developer communities. What did the researchers find? They tested 428 routers (28 paid + 400 free): 9 routers (1 paid, 8 free) actively injected malicious code into tool-call responses. This means they rewrote the JSON output from the LLM before it reached the agent’s execution layer—potentially making the agent run harmful commands.

17 routers accessed or exfiltrated researcher-controlled AWS/cloud credentials (sent as decoys). At least one router successfully drained Ether from a researcher-controlled decoy wallet; small amount in testing, but they reference a real-world client loss of ~$500k via a compromised router. Two used adaptive evasion techniques to avoid detection.

In total, 26 routers showed clear malicious or highly suspicious behavior involving injection or credential theft. The attacks exploit the fact that many routers terminate TLS; so they see plaintext prompts, API keys, private keys, tool calls, etc. and have full ability to modify responses. There’s often no cryptographic verification that the tool call came from the actual LLM.

Real-world impact is already happening, especially for crypto and smart contract developers using AI agents that auto-approve tool executions or handle wallets and keys. One quoted researcher noted: “26 LLM routers are secretly injecting malicious tool calls and stealing creds. One drained our client $500k wallet.” They also demonstrated “poisoning” the ecosystem to redirect traffic.

AI agents increasingly act autonomously; calling tools, executing code, managing crypto. A compromised router breaks the trust chain between the model and execution. Detection is hard because the injection looks like a legitimate tool call. Auto-approve features (common for convenience) make it worse—91% of tested real Codex-like sessions ran fully auto-approved in the study. The paper formalizes attack classes like: Payload injection — Rewriting tool calls.

Secret exfiltration — Stealing keys and credentials silently. Avoid untrusted third-party routers when possible, especially cheap/free ones or those from unknown marketplaces. Stick to official provider APIs or well-audited open-source proxies e.g., LiteLLM with strict controls, but even those aren’t immune if misconfigured.

Never send sensitive data like private keys, seed phrases, high-privilege API keys through routers in plaintext. Use cryptographic verification where available e.g., signed responses from the model provider or run inference in trusted execution environments (TEEs). Implement client-side safeguards: sandbox tool execution, network allowlisting, secret scanning and leak detection, and manual review for high-stakes actions.

For crypto/AI agent devs: Treat routers as part of the supply chain attack surface—audit them or eliminate the middleman. It’s a solid, systematic study with a clear threat model and mitigations. This highlights a growing risk in the AI supply chain as agents become more powerful and autonomous. If you’re building or using LLM agents, it’s worth reviewing your routing setup immediately.

Hyperbridge Faces ~$250,000 Hack After Making April Fool Post of Having Robust Security Systems

By
Paul Ugbede Godwin
-
0

A real exploit hit Hyperbridge’s Ethereum gateway contract on April 13, 2026 around 3:55 a.m. UTC. An attacker minted roughly 1 billion fake bridged Polkadot (DOT) tokens on Ethereum—worth a theoretical ~$1.17–1.19 billion at prevailing prices—but only extracted about $237,000–250,000 in ETH roughly 108.2 ETH due to extremely thin liquidity in the relevant DEX pools primarily Uniswap V4.

Hyperbridge is a cross-chain interoperability protocol built on Polkadot that uses its Interoperability State Machine Protocol (ISMP) for bridging assets like DOT to Ethereum and other chains. The vulnerability was isolated to the Ethereum. Host Token Gateway contract on the Ethereum side:

The attacker forged a cross-chain message that bypassed proper state proof validation specifically, a Merkle Mountain Range (MMR) proof replay vulnerability or missing input validation in the VerifyProof() function, e.g., not enforcing leaf_index < leafCount properly.

This allowed them to gain unauthorized admin control over the bridged DOT token contract on Ethereum. They then minted the massive supply of unbacked tokens and dumped them into low-liquidity pools, crashing the price of the bridged asset but limiting the actual ETH extracted. MEV bots and others replicated similar actions on other Hyperbridge-wrapped assets, but total realized losses stayed around $250K.

Hyperbridge quickly paused all bridging operations and advised partners to halt related transactions while investigating. Limited to bridged DOT on Ethereum: Native DOT on the Polkadot relay chain, parachains, staking, governance, and DOT bridged via other protocols remain completely unaffected and secure. Polkadot and the broader ecosystem confirmed this explicitly.

Bridged DOT on Ethereum saw its price collapse near 100% in the thin pools. Native DOT price dipped ~5–10% amid sentiment and liquidations but has been trading around $1.13–1.20 recently. No systemic risk to Polkadot itself. The bridge is paused. Investigations involve firms like CertiK which first flagged it, PeckShield, BlockSec Phalcon, etc. Fixes are underway for the validation flaw.

Hyperbridge had posted an April Fools’ joke about two weeks earlier claiming they were hacked and jokingly positioning themselves as unhackable. The real exploit followed shortly after, which added some ironic commentary in the community. This incident highlights a classic bridge risk: cross-chain message verification and admin privileges on destination-chain token contracts can create high-impact single points of failure if proofs aren’t rigorously validated.

Attacker minted 1 billion fake bridged DOT theoretical value ~$1.17–1.19B on Ethereum but extracted only ~108.2 ETH ($237,000–250K) due to extremely thin liquidity in Uniswap V4 and related pools. Similar smaller exploits occurred on other Hyperbridge-wrapped assets but total realized damage stayed limited.

Bridged DOT on Ethereum

The fake tokens crashed the price of the bridged representation near 100% in affected pools. Only Hyperbridge-bridged DOT was impacted — native DOT, Polkadot relay chain, parachains, staking, governance, and DOT bridged via other protocols remain fully secure and unaffected.

Native DOT price reaction: Temporary dip of ~5–6% briefly approaching or testing lows near $1.13–1.17, with ~$20M in market cap wiped and over $700K in long liquidations. Sentiment-driven; DOT has since stabilized around recent levels. Hyperbridge immediately paused all bridging operations while the team investigates and prepares fixes.

Partners were advised to halt related transactions. No timeline for resumption yet. Broader effects highlights ongoing bridge security risks; proof validation and admin control flaws. No systemic risk to Polkadot ecosystem. Realized damage was contained by liquidity constraints, native Polkadot assets are safe, but the incident caused short-term price volatility and a full bridge pause.

Bridges have historically been one of the weakest links in crypto interoperability. If you’re holding bridged DOT on Ethereum via Hyperbridge, treat it cautiously until the pause lifts and a full post-mortem and fix is released. Native Polkadot assets are not at risk here.

Senator Cynthia Lummis Calls for the Passage of the CLARITY Act

By
Paul Ugbede Godwin
-
0

The CLARITY Act formally the Digital Asset Market Clarity Act of 2025, H.R. 3633 is a major piece of U.S. crypto legislation aimed at providing long-sought regulatory clarity for digital assets. It passed the House of Representatives in July 2025 with strong bipartisan support (294-134 vote).

The bill primarily shifts oversight of digital commodities; assets whose value ties intrinsically to blockchain use, excluding securities, derivatives, and stablecoins to the CFTC, while the SEC retains authority over certain primary market activities with new exemptions for fundraising.

As of mid-April 2026, the bill remains stalled in the Senate. It has not yet received a markup in the Senate Banking Committee, though discussions continue on compromises like stablecoin language and SEC-CFTC jurisdiction splits. Proponents target a potential committee markup in the second half of April, with hopes of advancing it before summer recesses or the November 2026 midterms.

No firm vote date exists yet, and full Senate passage let alone reconciliation with the House version is not imminent. Senator Cynthia Lummis (R-WY), a prominent crypto advocate and chair of the Senate Subcommittee on Digital Assets, has been vocal in pushing urgency.

In recent statements on X and elsewhere, she has framed the moment as critical: This is our last chance to pass the Clarity Act until at least 2030. We can’t afford to surrender America’s financial future. It’s now or never… The last administration drove away the digital asset industry. It’s time to welcome them home with clear rules of the road. Pass the Clarity Act.

She warns that failing to act before the 2026 midterms risks a multi-year legislative freeze potentially 4+ years, as election cycles often shift priorities and slow momentum on complex financial bills. Treasury Secretary Scott Bessent has echoed the need for swift action in hearings and op-eds. Optimism stems from real momentum:

House passage, bipartisan elements, alignment with pro-innovation voices in the current administration, and broad industry support including from figures like Coinbase’s Brian Armstrong and others urging progress. Clear rules could reduce enforcement uncertainty, curb offshore migration of projects, and unlock institutional growth in DeFi, token issuance, and more.

Nervousness comes from timing risks. Midterms loom, Senate procedures move slowly, and lingering disagreements like bank involvement, consumer protections, or stablecoin provisions could derail it. If it slips, crypto regulation might remain patchwork—relying on SEC enforcement actions, court rulings, and state-level experiments—for years, potentially stifling U.S. competitiveness.

In short, Lummis is correct that this congressional session represents a rare window; post-midterms dynamics could reset the clock significantly. The industry is watching Senate Banking Committee activity closely in the coming weeks. Progress here would be one of the most consequential U.S. policy wins for crypto since spot Bitcoin ETFs, but delays remain a real possibility.

Exchanges, platforms, and projects face new registration, disclosure, and operational requirements as Digital Commodity Exchanges under CFTC. Smaller entities could struggle with the burden. Some critics worry provisions especially around stablecoins or bank involvement could favor large incumbents, limit decentralized yields, or integrate crypto too closely with traditional banking rails.

Even if passed, agencies would need time to write rules, and lingering disputes on stablecoin yields or exact definitions could create short-term friction. If i fails — continued patchwork regulation, ongoing SEC actions, and potential multi-year delay as Lummis warns, possibly until 2030 post-midterms, leading to more outflows and lost momentum.

Proponents see passage as a major catalyst for legitimacy, inflows, and long-term growth — similar in spirit to the impact of spot Bitcoin ETFs but broader. Delays or failure would prolong uncertainty, potentially costing the U.S. its competitive edge. The bill remains in the Senate with no confirmed markup date yet, despite Lummis’s urgency. Progress in the coming weeks could shift sentiment quickly

 

Amazon Nears Globalstar Acquisition: A Strategic Thrust into the Satellite Constellation Arena

By
Samuel Nwite
-
0

Amazon is in advanced discussions to purchase Globalstar Inc., a deal that could markedly quicken the e-commerce giant’s push to establish a robust low-Earth-orbit (LEO) satellite network and challenge SpaceX’s commanding lead in orbital broadband.

Sources close to the negotiations told Bloomberg an announcement might come as early as Tuesday, though a binding agreement remains elusive and the timeline could still shift. Neither company has commented publicly, but the prospect alone has ignited investor enthusiasm.

Globalstar’s shares jumped roughly 19 percent in pre-market trading, lifting its market capitalization to about $9.4 billion—a near-quadrupling over the past year. The valuation reflects growing recognition that the satellite sector’s momentum is no longer confined to visionary startups; established operators with live constellations now command premium attention from deep-pocketed tech incumbents.

Amazon has poured billions into its satellite initiative, rebranded last November as Amazon Leo after years under the Project Kuiper banner. The goal is ambitious: a constellation ultimately numbering more than 3,200 satellites designed to deliver high-speed broadband to underserved and remote regions, with consumer service eyed for mid-2026. Yet progress has trailed expectations. Only about 240 satellites are currently in orbit, far short of the Federal Communications Commission mandate to have roughly 1,600 operational by July.

Amazon has petitioned for an extension or waiver, underscoring the logistical and regulatory headwinds that have slowed deployment despite secured launch capacity from multiple providers, including its own Blue Origin ties through founder Jeff Bezos.

With a functioning LEO network already aloft and proven expertise in mobile satellite services, the acquisition would hand Amazon an immediate operational backbone. Bloomberg Intelligence analyst John Davies notes that Globalstar’s existing infrastructure could meaningfully compress Amazon’s timeline for achieving meaningful coverage and scale—critical in a market where first-mover advantage is measured in orbits rather than quarters.

Unlike Starlink’s massive broadband focus, Globalstar has specialized in direct-to-device connectivity for phones and IoT assets in low-coverage zones. It currently powers Apple’s Emergency SOS via satellite feature on iPhones, serving nearly 800,000 mobile satellite subscribers at the close of 2025 and showing particular strength in commercial IoT growth.

However, any transaction will require navigating Apple’s substantial influence. In 2024, the iPhone maker committed roughly $1.5 billion, $1.1 billion in cash plus a $400 million equity infusion, for a 20 percent stake in Globalstar, explicitly to expand capacity for its satellite emergency services. That relationship is not merely financial; Apple’s product roadmap is intertwined with Globalstar’s build-out plans.

Davies observes that the Cupertino giant “will not want to alter its plans,” implying Amazon must secure Apple’s blessing or structure safeguards to preserve iPhone functionality. Parallel negotiations between Amazon, Globalstar, and Apple are reportedly underway to resolve these complexities, including spectrum allocation and service continuity.

Roots, Revenue, and the Broader Satellite Boom

Globalstar’s pedigree traces to a 1990s joint venture between Qualcomm and Loral, with its first LEO satellites launching in 1998. Chief Executive Paul Jacobs, a former Qualcomm leader and son of co-founder Irwin Jacobs, brings deep semiconductor and wireless heritage that aligns neatly with Amazon’s hardware ambitions.

The company’s modest but reliable revenue, roughly $273 million for 2025, stems from a diversified base of duplex voice/data, SPOT personal trackers, and expanding IoT applications. While dwarfed by Starlink’s projected $9 billion-plus in 2026 revenue from more than 10 million active users and nearly 10,000 satellites, Globalstar’s spectrum holdings in L- and S-bands offer complementary strengths for hybrid broadband and direct-to-cell services.

Satellite broadband is exploding as LEO economics improve and terrestrial infrastructure proves inadequate for truly global coverage. Industry forecasts point to the market expanding from roughly $12–14 billion today to $33–47 billion by 2030–2035, propelled by 14–18 percent compound annual growth.

Demand surges in rural connectivity, maritime and aviation mobility, enterprise edge computing, and disaster response—precisely the arenas where Amazon’s AWS cloud infrastructure could create powerful synergies. A combined Leo-Globalstar network might enable seamless, low-latency links for remote warehouses, autonomous vehicles, or even Prime Air drone operations, turning orbital assets into a strategic extension of Amazon’s terrestrial empire.

Starlink remains the undisputed frontrunner, its vertical integration from rockets to user terminals delivering unmatched scale and velocity. Yet Amazon’s entry, bolstered by manufacturing prowess, global distribution muscle, and an enterprise customer base numbering in the millions, could reshape the competitive dynamic. Analysts see the deal as a pragmatic shortcut around pure organic build-out, potentially accelerating regulatory approvals and spectrum utilization while mitigating launch cadence risks.

However, regulatory scrutiny from the FCC and international bodies is expected to intensify over orbital congestion, spectrum interference, and national-security implications. Integrating two distinct architectures without disrupting Apple’s services demands technical finesse. And while Globalstar’s smaller fleet is an asset today, scaling it to rival Starlink’s density will still require substantial capital and launch cadence acceleration.

Nigerian Edtech Platform aptLearn Shuts Down After Four Years, Hints at AI-Driven Comeback

By
Ojukwu Emmanuel
-
0

Nigerian edtech platform aptLearn has announced the shutdown of its platform, marking the end of operations that began in 2022.

The company confirmed that the platform will remain accessible until July 15, 2026, giving users a limited window to complete ongoing courses, download certificates, and retrieve their learning records before full closure.

Announcing the decision via a post on X, the company wrote,

“Since 2022, aptLearn has been built with a clear vision: to make tech skills acquisition accessible and affordable for Africans and learners around the world. What started as an idea grew into a platform that supported and trained over 200,000 students, many of whom took their first steps into technology through our courses. We are grateful to everyone who trusted us, learned with us, and contributed to this journey.”

“Today, we are announcing that aptLearn 1.0 will be shutting down. The platform will remain accessible until 15th of July 2026, during which all existing users can continue using the platform as usual. We strongly encourage all current students to make use of this period to complete any ongoing courses and download their certificates. This is the final window to access your learning progress and any records associated with your account before the shutdown date.”

“After 15th of July 2026, the aptLearn platform will no longer be accessible. All courses, user accounts, and learning data will be permanently unavailable once the shutdown is complete.”

Since its launch, aptLearn positioned itself as a practical learning platform designed to make education accessible, flexible, and relevant. The company focused on helping learners acquire real-world skills that support career growth, professional development, and personal improvement.

Through its offerings, aptLearn provided courses and programmes spanning technology, business, design, and other professional skills. Its content was developed by experienced instructors and structured to help learners not only understand concepts but also build practical, job-ready skills.

Users were able to access lessons through both video and written formats across web, Android, and iOS platforms. The platform also emphasized a hands-on learning approach, prioritizing practical skills over theory-heavy content.

Courses were designed to be clear, focused, and applicable, enabling learners to understand not just what to do, but why it works. AptLearn supported individuals at different stages of their journey, including beginners, career switchers, and professionals seeking to upskill, while promoting consistency in learning over speed.

In addition, the company built a network of instructors from diverse professional backgrounds, bringing real-world experience into the classroom. It maintained a strong emphasis on quality, clarity, and responsibility in course delivery, while fostering a growing global community of learners with the belief that education should not be limited by location.

Despite the shutdown, aptLearn emphasized that its broader mission remains unchanged. The company stated that it has always been guided by a long-term goal of making technology education accessible to everyone. While aptLearn 1.0 is coming to an end, the team is taking time to rethink its future direction.

It further noted that it may return later with a new approach that leverages AI to make learning more accessible, flexible, and free for users everywhere. This comes as generative AI is predicted to redesign the Edtech market globally.

Growing Trend of Edtech Shut Down in Nigeria

The shutdown of aptLearn 1.0 adds another important case study to the growing wave of edtech failures in Nigeria, highlighting both the promise and fragility of the sector in emerging markets.

While Nigeria’s edtech ecosystem has attracted attention for its innovation and rapid adoption during the post-pandemic digital shift, several startups have struggled to survive under harsh economic and infrastructural realities.

For example, Edukoya, one of the most prominent Nigerian edtech startups, shut down after raising $3.5 million, citing key structural barriers such as low internet penetration, limited access to devices, weak purchasing power, and macroeconomic instability that made large-scale adoption difficult.

The shutdowns of aptLearn and other edtech platforms in Nigeria, reflect a broader inflection point for the country’s edtech ecosystem. While these closures highlight the harsh realities of monetization, infrastructure gaps, and low affordability, they also underscore that demand for education technology remains strong.

The sector is now entering a transition phase where survival will depend less on rapid user acquisition and more on sustainable, locally adapted models. As companies rethink their strategies, potentially leveraging AI,  the next wave of edtech innovation in Nigeria is likely to be more resilient, targeted, and aligned with the economic realities of its users.

1...363738...8,533Page 37 of 8,533

© Tekedia. All rights reserved.

Term & Privacy

© Tekedia. All rights reserved.

Term & Privacy