Changpeng Zhao reminded that API keys in private repositories should be reviewed and replaced immediately
ChainCatcher News, in response to the internal codebase unauthorized access incident disclosed by GitHub, Changpeng Zhao issued a reminder: "If the code contains an API Key, even if it is located in a private repository, it should be reviewed and replaced immediately." ”
•
币界网 and 1 source
Grafana Labs confirmed to have been attacked by a cyberattack, and data was downloaded
According to Bijie.com, Wu Shuo learned that Grafana Labs' official blog disclosed that on May 16, 2026, the company was confirmed to have been targeted by a cybercrime group. On May 11, attackers breached Tanstack npm's GitHub repository through a supply chain vulnerability, downloading data including public and private source code, internal operational information, and emails from some business contacts, then issued ransom threats. Grafana Labs stated that the codebase was only downloaded and not tampered with, and the customer's production system and Grafana Cloud platform were not affected. Binance founder CZ reminded that if the code contains an API key, even if it is in a private repository, it should be checked and replaced immediately.
•
Odaily and 1 source
CZ: Reminds you to check and replace the API key in the code
Odaily Planet Daily reports that CZ posted on the X platform that if API keys exist in the code, even if they are private repositories, now is the time to re-check and replace them.
Currently, GitHub is investigating unauthorized access to internal warehouses. Although there is no evidence at present that there is no evidence of impact on customer information stored outside GitHub's internal warehouses, such as customers' businesses, organizations, and warehouses, follow-up activities on infrastructure are being closely monitored.
•
ChainCatcher and 2 sources
Lighter completes the L2 escape mechanism verification, and users can still withdraw money to the mainnet when the sequencer fails
According to ChainCatcher, Lighter's official account posted on X stating that it has completed the escape mechanism verification conducted by a third-party L2BEAT. This means that even if the sequencer at the L2 level fails, users can withdraw funds from Lighter's L2 back to Ethereum permissionlessly. This is the industry's first L2 Perp DEX to implement this functionality.
Multiple Bankr user wallets were stolen, involving Grok's interaction with Bankrbot resulting in unauthorized transaction signatures
According to ChainCatcher reports, according to slow fog cosine monitoring, multiple Bankr user wallets were stolen. @bankrbot responded that the incident was a social engineering attack targeting the trust layer between automated agents, specifically involving interactions between Grok and Bankrbot, and resulting in unauthorized transaction signatures.
•
Odaily and 1 source
Loracle.hl began setting up LIT long positions
Odaily Planet Daily reports: According to Onchain Lens monitoring, Whale Loracle.hl (0x8de... DAE) has begun establishing 3x leveraged LIT long positions, currently valued at about $1 million, with positions still increasing. Additionally, it currently holds 5x leveraged HYPE short positions, with unrealized losses exceeding $7 million.
Solana founder: It's hard for foundations to 'forcefully' promote ecosystem development; you need products first to be promoted
Odaily Planet Daily News Solana founder Toly said this morning when talking about the role of the Solana Foundation in ecological development: "Someone must launch a product first, and then the foundation can promote it." People give feedback, try out, tell the team what's bad, and then the team makes improvements.
It's hard for the Foundation to push anything...... Even if funding or investment is provided, there must be a product and someone willing to use it so that the ecology can accelerate development. ”
Trump's AI executive order proposes to require advanced models to be opened to the government ahead of schedule
Odaily Planet Daily reports that several insiders say the White House plans to issue a highly anticipated executive order on cybersecurity and AI safety as early as this week.
In its current version, the executive order aims to strengthen cybersecurity around advanced AI models and outlines a voluntary framework program requiring AI developers to notify the government when new models are released. If the plan is implemented as expected, the White House will fulfill its commitment to addressing AI safety issues. (Jin Shi)
•
Odaily and 1 source
Bitcoin News: Pro-Bitcoin U.S. Congressman Thomas Massie admits defeat in Kentucky primary
Odaily Planet Daily reports that Bitcoin News posted on X that Bitcoin supporter Thomas Massie admitted defeat in the Kentucky primary and said, "Welcome to the most costly congressional primary in the nation's 250-year history." ”
Well-known trader Loracle: "HYPE Short Positions TOP 1": Well-known trader Loracle opened 874,155 new long positions of LIT on HyperLiquid
According to Coinworld.com, the well-known trader Loracle opened a new long position of 874,155 LIT on the HyperLiquid platform, with an opening price of $1.11, and the current currency price is $1.15, with a position size of about $1,009,386.78 and a liquidation price of $0. The address is 0x8def9f50456c6c4e37fa5d3d57f108ed23992dae. Loraclexyz (formerly known as Laurent Zeimes) is active in the HyperLiquid ecosystem and is regarded as one of the early contributors, the founder of Hypurrfun, with a monthly profit of about $16 million.
HSBC CEO: AI is expected to replace some jobs, and employees need to embrace AI transformation
Odaily Planet Daily News HSBC CEO: Artificial intelligence is expected to replace some jobs, but it will also create new opportunities and promote workforce reskilling.
HSBC CEO: Employees need to embrace the AI transformation, not resist it.
•
Odaily and 1 source
IDG Capital plans to raise $2 billion in growth funds, aiming to expand into consumer technology and consumer sectors
Odaily Planet Daily reports that IDG Capital is planning to raise approximately $2 billion in growth funds, with fundraising efforts launched about two months ago, aiming to complete the first round by the end of this year. The fund will be positioned in consumer technology and consumer sector-related enterprises across China and other regions.
•
币界网 and 1 source
Google Antigravity 2.0 removes the IDE and transforms it into a standalone workbench
According to CoinWorld.com, Google officially released Antigravity 2.0, removing the traditional IDE interface, and separating the agent manager originally bound to the editor as a desktop application, with full support for macOS, Windows and Linux. The new version replaces the original workspace with a project concept, allowing a project to span multiple local folders and configure read and write permissions for each folder individually. When handling complex tasks, the master agent can now dynamically call multiple sub-agents for parallel processing, avoiding the fact that a single master context is stuffed with invalid logs. At the same time, long-term tasks such as compilation and testing are all pushed into the background to be executed asynchronously. The timed wake-up mechanism was introduced to the desktop for the first time, and users can now use the /schedule command to set a one-time timer or cron period, allowing the agent to automatically wake up to execute scripts or patrol code at a fixed point. The new slash command directly delineates the fault tolerance boundary of Google's agent autonomy at this stage. With the independence of desktop applications, Google simultaneously launched the supporting CLI, SDK and API, and announced that the original Gemini CLI personal toolchain will be fully migrated to Antigravity CLI in the future.
•
ChainCatcher and 2 sources
Grafana: The investigation found that recent security incidents have not affected customers' production systems or operations
According to ChainCatcher, open-source data visualization tool Grafana released the latest progress on its investigation into the security incident on May 16. The investigation found that the incident was limited to Grafana Labs' GitHub environment, including public and private source code as well as internal GitHub repositories, and did not affect customer production systems, operations, or the Grafana Cloud platform. In addition to the source code, the downloaded content also includes some warehouses used by teams for collaboration and storing internal operational information and business details, involving business contact names and email addresses, rather than data from production systems or cloud platforms.
Grafana Labs has made it clear that the codebase has been downloaded but not tampered with, and currently customers and open-source users do not need to take any action. The incident originated from the TanStack npm supply chain attack carried out through the Mini Shai-Hulud campaign. Grafana Labs detected malicious activity on May 11 and initiated an emergency response, but the missing credential allowed the attacker to gain access. After receiving a ransom demand on May 16, the company decided not to pay it, and has rotated automated credentials, implemented enhanced monitoring, audited all commits since May 11, and significantly strengthened GitHub security configurations. The company has notified federal law enforcement that the investigation is still ongoing.
•
币界网 and 1 source
Galaxy Securities: The synergy between green power and computing power is expected to achieve mutual benefit and win-win outcomes
According to Bijie.com, a Galaxy Securities research report states that the rapid growth in computing power demand is driving up electricity consumption. China's data center electricity consumption increased from 130 billion kWh in 2022 to 196 billion kWh in 2025, raising its share of total social electricity consumption from 1.5% to 1.9%. Looking ahead, it is estimated that by 2030, data center electricity consumption will exceed 700 billion kWh, accounting for more than 5% of total social electricity consumption. The synergy between green power and computing power is expected to achieve mutual benefit and win-win outcomes. Computational-electricity collaboration is included in the "15th Five-Year Plan," and policy encourages the use of green electricity. In data centers, using green electricity not only meets policy requirements but also aims to reduce electricity costs. This is partly due to green electricity's lower cost and price advantage compared to thermal power, and partly due to the introduction of direct green power connection policies. For power generation companies, new energy may be the most beneficial category under the trend of computational-power synergy. Power companies are planning to coordinate computing and electricity, and industry trends are gradually taking shape. Currently, several power companies have begun laying out computing-power collaboration strategies, which can be divided into two categories: one is directly entering the data center track to create a second growth curve; the other is building supporting power projects for data centers, which is an expansion of the profit model of existing power generation business.
•
ChainCatcher and 2 sources
Bank of England Deputy Governor: Tokenization can reduce costs, accelerate settlements, and promote competition
According to ChainCatcher and Cointelegraph, Bank of England Deputy Governor Sarah Breeden stated that tokenization can reduce settlement costs, speed up processes, and promote competition, provided trust and interoperability are ensured. Breeden emphasized that even amid private sector innovations such as tokenized deposits and regulated stablecoins, central bank money will remain the cornerstone of the monetary system. She stated that the Bank of England is working with industry, government, and regulators to build a framework that supports innovation without undermining financial stability.
Breeden said that in addition to traditional bank deposits, people should also be able to use tokenized deposits, regulated stablecoins, and retail central bank digital currencies for payments. More competition in technology and business models will reduce user costs and improve functionality. On Monday, the Bank of England also proposed extending the operating hours of its core settlement infrastructure to nearly 7x24 hours to support cross-border payments and securities settlement.
•
Odaily and 1 source
Threshold Network: Successfully stopped malicious attempts to mint tBTC
Odaily Planet Daily News Threshold Network posted on the X platform that on May 18, 2026, malicious attackers attempted to mint tBTC without depositing the underlying Bitcoin. Its attempt was unsuccessful, no invalid tBTC was issued, and user funds were not at risk.
Optimistic Minting has been temporarily suspended as a precautionary measure against high-frequency malicious activity within the broader crypto ecosystem. Currently, minting operations are carried out through a clearing mechanism, increasing the typical minting time from about 1.5 hours to about 6 to 7 hours.
GitHub is suspected of being hacked, and an investigation into unauthorized access to its internal codebase is underway
According to ChainCatcher, GitHub officially stated that they are investigating an unauthorized access incident targeting its internal codebase. GitHub stated that there is currently no evidence that enterprise, organizational, or codewarehouse data stored outside the GitHub platform by customers has been affected, but the company continues to monitor its infrastructure in case of further anomalous activity.
GitHub stated that if it is later confirmed that user data or services have been affected, it will notify customers through existing incident response and notification channels.
•
ChainCatcher and 1 source
K33: This round of Bitcoin bear market is different, with unusually pessimistic traders limiting the downside
According to ChainCatcher and CoinDesk, K33 Research stated in a report that this round of Bitcoin bear market is different, with unusually pessimistic traders limiting downside potential. Bitcoin traders remain on the defensive, reducing the risk of leverage-driven crashes. Research Director Vetle Lunde pointed out that the current slow bottoming has not reproduced the rapid reversal seen after bear market rebounds in previous cycles; instead, derivatives data points to extreme pessimism. Bitcoin's 30-day average funding rate has been negative for 81 consecutive days, approaching its longest historical record. The annualized basis of CME Bitcoin futures has dropped below 2.5%, indicating an extremely cautious level. However, Bitcoin derivatives open interest remains elevated, and further price weakness could trigger volatility. K33 maintains its fundamental judgment, believing that Bitcoin's drop to $60,000 in February could be the largest pullback of this round.
AI patent platform Stilta completed a $10.5 million seed round of financing, led by a16z
According to ChainCatcher, AI patent startup Stilta announced the completion of a $10.5 million seed round led by Andreessen Horowitz, with participation from Y Combinator and individual investors from companies such as OpenAI, Legora, Sana, Lovable, and Listen Labs.
The new financing will mainly be used to recruit engineers, patent experts, and marketing teams. The company plans to expand its team to about 10 people over the next 3 to 6 months and aims to establish an office in New York by the end of this year or early 2027.
Stilta focuses on patent management software powered by AI Agents, primarily targeting scenarios such as patent infringement identification, patent licensing opportunity discovery, and patent litigation defense. Its platform can analyze hundreds of millions of patents, research papers, and historical web data, helping companies and law firms manage patent assets.
The company was founded this year by former McKinsey members Oskar Block, Petrus Werner, Tobias Estreen, and Oscar Adamsson, and was selected for the YC 2026 Winter Incubation Program. Currently, about two-thirds of clients come from enterprises, with the rest from law firms.
According to reports, Stilta is developing hundreds of AI Agents for various tasks such as infringement analysis and patent invalidity analysis, with customized adjustments tailored for highly specialized fields like pharmaceuticals. In recent years, a16z and YC have continued to ramp up their investments in the legal technology sector. Previously, a16z had made multiple rounds of investments in AI legal assistant Harvey; YC has also recently invested in legal AI companies such as Legora, PointOne, and Parlai.
