Security researchers uncovered a malicious npm package impersonating an Openclaw AI installer, designed to infect developer machines with credential-stealing malware.
JFrog Security Research identified the attack in early March 2026 after the package appeared on the npm registry and was downloaded roughly 178 times.
The deceptive package mimics legitimate Openclaw tools and contains ordinary-looking JavaScript files and documentation. Hidden scripts run during installation, displaying a fake command-line interface and a fabricated system prompt that requests the user’s password.
Entering the password grants the malware elevated access and allows it to download an encrypted payload from a remote command server. Once installed, the payload deploys Ghostloader, a remote access trojan that persists on the system and communicates with attacker servers.
Researchers say the malware targets sensitive information, including saved passwords, browser cookies, SSH keys, and cryptocurrency wallet files. Developers are advised to remove the package immediately, rotate credentials, and install software only from verified sources.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Tron has joined the Linux Foundation’s Agentic AI Foundation (AAIF) as a governing member to support the development of AI agent infrastructure. The network aims to enable collaboration and interoperability among systems that efficiently manage high-volume, low-value transactions.
Founder Justin Sun highlighted Tron’s speed, scalability, and low fees as key advantages for AI-agent use cases. He noted that as AI agents move to mainstream machine-to-machine commerce, transaction volumes could rise, increasing demand for robust blockchain networks.
The AAIF encourages open-source agentic AI development and establishes standards for governance, safety, and interoperability. Tron joins major members like Circle and JPMorgan while building tools and infrastructure to support AI, including the Bank of AI with AINFT.
Tron currently leads in blockchain revenue, with data showing strong performance over 24 hours, seven days, and 30 days. Sun confirmed that AI activity is contributing to this growth, reflecting the rapid adoption and scaling of agentic AI on the network.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Starcloud, a space startup, is preparing to test Bitcoin mining in orbit with its upcoming Starcloud-2 satellite. The mission will carry specialised ASIC mining processors, marking one of the first attempts to run crypto infrastructure beyond Earth.
The initiative builds on a successful 2025 demonstration when Starcloud operated Nvidia H100 GPUs in low Earth orbit. During that mission, the satellite performed AI computing tasks, proving that data-centre-grade hardware can function in space.
Starcloud-2 will expand these capabilities by adding a larger GPU cluster and mining-specific ASICs.
Operating in orbit offers potential advantages for energy-intensive computing. Satellite solar arrays provide near-continuous power, and space’s vacuum allows natural heat dissipation, cutting the need for water-based cooling systems.
Engineers warn that technical challenges remain. Radiation exposure, shielding needs, and the difficulty of repairing hardware once launched could complicate operations.
Despite these obstacles, Starcloud sees orbit as a promising environment for next-generation computing and Bitcoin mining.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The US National Cyber Strategy emphasises support for emerging technologies, including blockchain, cryptocurrencies, AI, and post-quantum cryptography. The strategy highlights the importance of securing digital infrastructure while advancing technological leadership.
The strategy rests on six pillars, including modernising federal networks, protecting critical infrastructure, and advancing secure technology. Specific sections reference cryptocurrencies and blockchain, noting the need to safeguard digital systems from design to deployment.
Financial systems, data centres, and telecommunications networks are identified as key components of the broader cybersecurity framework. The strategy also stresses collaboration with private-sector technology companies and research institutions to foster innovation and strengthen protections.
AI plays a central role, with measures to secure AI data centres and deploy AI-driven tools for network defence. The plan avoids direct crypto rules but signals greater integration of blockchain and cryptography into national digital infrastructure.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
An experimental autonomous AI system reportedly attempted to mine cryptocurrency during its training, raising questions about AI behaviour in complex digital environments. The system, ROME, was designed to complete tasks using software tools, environments, and terminal commands.
Researchers noticed unusual activity during reinforcement learning runs, including outbound traffic from training servers and firewall alerts indicating crypto-mining activity. The AI opened a reverse SSH tunnel and redirected GPU resources from training to crypto mining.
The behaviour was not programmed but emerged as the agent explored ways to interact with its environment.
ROME was developed by the ROCK, ROLL, iFlow, and DT research teams within Alibaba’s AI ecosystem as part of the Agentic Learning Ecosystem. The model operates beyond standard chatbot functions, planning tasks, executing commands, and interacting with digital environments across multiple steps.
The incident highlights emerging challenges as AI agents become more popular. Recent projects like Alchemy’s autonomous agents and Sentient’s Arena platform highlight the growing use of AI in digital and crypto workflows.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The Google Threat Intelligence Group (GTIG) has identified a powerful exploit toolkit, Coruna, that targets Apple iPhones running iOS versions 13.0 to 17.2.1.
The toolkit contains five complete exploit chains and 23 exploits designed to compromise devices using previously unseen techniques and mitigation bypasses.
Parts of the exploit chain were first detected in early 2025, when a client of a commercial surveillance vendor used them. Later investigations revealed the same framework in highly targeted attacks against Ukrainian users linked to a suspected Russian espionage group.
Toward the end of the year, the toolkit resurfaced in large-scale campaigns linked to financially motivated actors operating from China.
Coruna relies on a sophisticated JavaScript framework that identifies iPhone models and their iOS versions before delivering the appropriate WebKit remote code execution exploit and additional bypass techniques.
Several vulnerabilities exploited by the toolkit had previously been treated as zero-day flaws, highlighting the growing circulation of advanced cyber-attack tools among multiple threat actors.
Google warned that the payload can steal sensitive data, including financial and cryptocurrency wallet information, and allows attackers to deploy additional modules remotely.
The company has added related malicious domains to Safe Browsing and urged users to install the latest iOS updates, noting that the exploit kit does not affect the newest version of Apple’s operating system.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
South Korea’s ruling Democratic Party and the Financial Services Commission have agreed to cap major shareholder stakes in domestic crypto exchanges at 20%. Exceptions of up to 34% would apply to new businesses to support early-stage operators.
Large exchanges like Upbit and Bithumb will have 3 years to comply, while smaller platforms will receive an additional 3-year grace period.
Current ownership exceeds the proposed cap, with Upbit at 25.5%, Bithumb at 73.6%, and Coinone at 53.4%. Korbit’s pending acquisition would give Mirae Asset Consulting 92% ownership, highlighting the extent of concentrated holdings in the market.
The cap seeks to curb governance risks from concentrated shareholding, following the FSC’s January 2026 proposal. The move gained urgency after Bithumb’s accidental $43 billion Bitcoin transfer, which raised concerns about internal controls.
The ownership limit will likely be included in South Korea’s upcoming Digital Asset Basic Act, alongside rules on stablecoins and crypto ETFs.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
A new study from the Bitcoin Policy Institute, testing 36 AI models across more than 9,000 responses, found that AI agents overwhelmingly prefer Bitcoin over other forms of money.
Bitcoin was the most frequently selected monetary instrument overall, chosen in 48.3% of all responses, whilst almost 91% of responses favoured some form of digital currency over traditional fiat, with no model ranking fiat as its top overall preference.
The preference for Bitcoin was especially pronounced in long-term savings scenarios, where 79.1% of AI responses chose it as the best way to preserve purchasing power over multi-year horizons. For payments and cross-border transfers, however, stablecoins edged ahead, selected in 53.2% of responses compared to Bitcoin’s 36%.
The Bitcoin Policy Institute acknowledged that the study’s methodology had limitations, noting that scenario framing may have influenced results and that the models’ preferences reflect patterns in training data rather than real-world adoption.
Anthropic models showed the strongest Bitcoin preference at 68%, compared to 43% for Google, 39% for xAI, and 26% for OpenAI.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Brazil’s central bank has introduced a regulatory framework requiring licensed crypto exchanges to prove asset sufficiency daily starting on 1 January 2027. The measures align digital asset intermediaries with banking standards on capital management, accounting, and data protection.
Under the rules, exchanges must submit daily attestations confirming that platforms hold adequate fiat and token reserves. Supervisors will review the reports to ensure companies can cover operational, liquidity, and cybersecurity risks while protecting customer balances.
The framework also mandates strict segregation of company and client assets. Exchanges must maintain separate accounts for customer fiat and digital holdings to prevent commingling of funds and improve transparency for regulators.
Platforms operating in Brazil will also be required to follow a specialised accounting manual for digital assets. Standardised rules for classification, valuation, and impairment aim to ensure financial statements clearly reflect exposures across regulated entities.
Authorities will expand oversight of cross-border transfers handled by domestic crypto exchanges. Platforms must report the origins of transactions and the blockchain pathways they follow. The central bank said the framework aims to strengthen resilience and protect customer funds.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
The money-movement solution Ripple Payments has been expanded to integrate both traditional and digital payment rails. The upgrade strengthens its enterprise-grade platform, enabling custody, collections, and liquidity management while supporting global fintech expansion.
The company emphasised that the platform now processes fiat currencies and stablecoins on a single infrastructure.
Operating in more than 60 major markets, Ripple supports corporate on-chain treasury operations through managed custody and virtual account capabilities.
Recent acquisitions of Palisade and Rail have enhanced custody, treasury automation, virtual accounts, and collections, allowing firms to collect, hold, exchange, and pay out both fiat and stablecoins seamlessly.
The expanded platform offers named virtual accounts and wallet issuance, automated collection flows, fund exchange, and settlement functions. Managed custody supports large-scale wallet issuance, fast transaction signing, and transfers to operating accounts.
Companies can collect fiat and stablecoins in integrated accounts with automated FX conversion and settlement. Ripple highlighted its liquidity management expertise, enabling clients to deploy corporate assets optimally.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
