morpho generating $15m in monthly fees, $12b in deposits, coinbase chose it over aave for base lending, fireblocks integrated it for 2,400 clients. apollo is accumulating 90m MORPHO governance tokens over 48 months. tokenholders currently receive $0 in fee distributions. a $696b AUM asset manager does not spend 4 years accumulating governance power in a fee-generating protocol to leave the fee switch off. the gap between protocol revenue and token value accrual is the widest in defi right now

How do community banks compete with billion-dollar tech budgets? Abrigo's Ravikumar Nemalikanti explains how his team brings enterprise-grade agentic AI to 2,400 financial institutions with AWS Bedrock & Agent Core. If you’re exploring AI in regulated industries, this one’s for you.

The crypto + AI narrative just hit mainstream. We’re seeing a 400% increase in AI + Web3 campaign briefs. Here’s what that means: 🔸 AI-crypto projects are getting 2.3x higher CTRs than pure DeFi 🔸 AI + Web3 messaging is working across both audiences 🔸 Budgets are shifting from pure crypto to AI-crypto hybrids We audited 50 campaigns. The AI convergence angle brought CAC down to $18 compared to $31 for traditional crypto. Feels like positioning is starting to matter more than ever. #AI#

What the Actual f*ck are these dudes on. Someone just dropped Open Source Palantir on reddit named Osiris. -Real-Time Tracking: -10,000+ commercial, military and private aircraft live on a 3D globe - 2,000+ satellites including ISS - 1,400+ worldwide CCTV camera feeds - Earthquakes, wildfires, nuclear facilities and severe weather Built-In OSINT Tools (no installs needed): Nmap port scanning from the browser - DNS record lookup and enumeration - WHOIS domain intelligence - SSL/TLS certificate transparency - BGP routing and ASN lookup - Threat intelligence and IP reputation All running on a 3D interactive globe with day/night cycle, 20+ live API feeds, and a SIGINT news aggregator.

Metaplanet issuing their prefs to buy only 200 BTC/day would be absolutely psychotic. I ran the CEBE math on this scenario (no common stock issuance or crazy mNAV expansion, and only 1,400 Bitcoin per week) Starting point: 40,177 BTC 0.97x EV mNAV $297M debt $149M preferred 2,463 raw sats per diluted share ~2,157 CEBE sats/share after senior claims Now imagine Metaplanet buys 200 BTC/day for 3 years using preferred equity only. No common issuance. That adds 219,200 BTC. Total stack becomes 259,377 BTC Yes, a quarter-million Bitcoin treasury built by feeding yield addicts into the preferred equity wood chipper. At 0.97x CEBE NAV, projected Metaplanet share price: Year 1: BTC to $100k: $1.97 BTC to $150k: $2.73 BTC to $200k: $3.49 BTC to $300k: $5.00 BTC to $500k: $8.04 Year 2: BTC to $100k: $2.62 BTC to $150k: $4.86 BTC to $200k: $7.11 BTC to $300k: $11.60 BTC to $500k: $20.59 Year 3: BTC at $100k: $3.58, +73% BTC at $150k: $8.03, +288% BTC at $200k: $12.49, +503% BTC at $300k: $21.39, +934% BTC at $500k: $39.21, +1,794% The bear case is literally “what if Bitcoin only goes to $100k and Metaplanet only goes up 73%.” Horrifying stuff. At $300k BTC, common equity CEBE rises to ~7,351 sats/share even after the preferred claims. At $500k BTC, it hits ~8,084 sats/share. Preferred investors get their yield. Metaplanet gets Bitcoin. Bitcoin goes up. The dollar senior claim shrinks in BTC terms. Common equity eats the residual like a starving rat behind a Tokyo 7-Eleven. Remember, this is with ZERO common shares issued or mNAV expansion. BULLISH ON THE JAPANESE HOTEL COMPANY: :::

BREAKING: The White House announces multiple US-China trade deals and developments following President Trump's meeting with China's President Xi. Details include: 1. China will address US concerns regarding supply chain shortages related to rare earths and other critical minerals 2. China has approved an initial purchase of 200 American-made Boeing aircraft for Chinese airlines 3. China will purchase at least $17 billion per year of US agricultural products in 2026, 2027, and 2028 4. China has restored market access for US beef by renewing expired listings of more than 400 US beef facilities and adding new listings 5. China has resumed imports of poultry from US states determined by the USDA to be free of highly pathogenic avian influenza President Xi will be visiting the White House this fall.

🚨 node-ipc is compromised again. Three new malicious versions just dropped: 9.1.6, 9.2.3, and 12.0.1. Socket’s AI scanner flagged them as malware within three minutes of publication. The attack vector: a dormant maintainer account (atiertant) was likely taken over via an expired email domain. The attacker registered the lapsed domain, triggered an npm password reset, and gained publish rights to a package with millions of historical downloads. The payload is a credential stealer embedded in the CommonJS entrypoint (node-ipc.cjs). It activates on require(“node-ipc”), not through a postinstall script. Here’s what it does: •Fingerprints the host (OS, arch, hostname, uname) •Harvests 113-127 credential file patterns depending on platform (AWS, GCP, Azure, SSH keys, Kubernetes configs, npm tokens, .env files, shell histories, macOS Keychain databases, and more) •Dumps the entire process.env, capturing every CI secret and cloud credential in memory •Builds a gzip archive in a temp directory •Exfiltrates everything over DNS TXT queries to bt[.]node[.]js, using a bootstrap resolver at sh[.]azurestaticprovider[.]net:443 (a deliberate lookalike of Microsoft’s Azure Static Web Apps domain) The DNS exfiltration is chunked. A 500 KB archive generates roughly 29,400 TXT queries. The body is XOR-encrypted with a SHA-256 keystream, base64-encoded, alphabet-substituted, and split into 31-character chunks before hex-encoding into DNS labels. Header, data, and footer queries use xh, xd, and xf prefixes respectively. The malware forks a detached child process (env var __ntw=1) so credential theft runs silently in the background. It also exposes a __ntRun export, meaning any downstream code that calls require(“node-ipc”).__ntRun() can trigger a second collection/exfiltration cycle. ESM-only consumers using the import path are not affected by the reviewed package metadata. CommonJS consumers are. This is the same package involved in the 2022 protestware incident. It has a history. If you use node-ipc: •Do not install 9.1.6, 9.2.3, or 12.0.1 •Audit your lockfiles for these versions •If you loaded the CommonJS entrypoint, treat all environment variables, SSH keys, cloud credentials, npm tokens, and local secrets as compromised. Rotate immediately. •Hunt for DNS TXT queries to bt[.]node[.]js and sh[.]azurestaticprovider[.]net in your network logs •Check for temp files matching /nt-/.tar.gz Credit to Ian Ahl (@TekDefense) for first publicly identifying the expired-domain account takeover vector. Developing story. Full technical breakdown and IOCs on the Socket blog:

5 Stages of Anger: $RAGEGUY 1. Denial “Nah bro, $RAGEGUY is just another rageguy meme. My coin is different — we have real utility and a roadmap.” Ignores the 400% pump on $RAGEGUY while his bag crabs. “Volume? It’s fake. Community? Bots. This is fine.” 2. Anger FFFFFUUUUUU Starts PVP posting. “ $RAGEGUY holders are just salty rug survivors. My alpha is superior.” Ratio’d by 50 reply guys with RageGuy faces. Keyboard smash: “Why is this stupid face pumping while my tool project dies?!” 3. Bargaining “Okay okay… I’ll just ape a tiny bag of $RAGEGUY as a hedge. Not selling my main position tho.” Buys $50 worth. It 3x’s overnight. “If $RAGEGUY goes back down I’ll dump it and pretend this never happened… please just one red candle…” 4. Depression Watches $RAGEGUY moon while his “tool” coin gets delisted from three dexes. Lying in bed scrolling charts at 4AM. “I’ve been fighting the wrong battle… all those tweets… all that hopium… for what?” 5. Acceptance Full RageGuy face as profile pic. Sells the old bag at a massive loss. “Ragebuy $RAGEGUY. This is the one. The final boss of memes. We don’t cope — we rage.” Posts his first “I was wrong” thread and gets 2K likes from former PVP enemies who also converted. Cycle complete. Welcome to the cult. Pure PVP-to-glory arc. $RAGEGUY is the only one. FFFFFUUUU– 💢

Dubai Just Dropped the AED 750K Investor Visa Floor to ZERO 👀🇦🇪 Major update for property investors: The AED 750,000 minimum property value for Dubai’s 2-year investor visa is gone. New rule, effective this week: If you’re the sole owner of any property in Dubai, you can now apply for investor residency. No floor, no threshold. What changed for joint ownership: Each investor needs an AED 400,000 share. Two people buying an AED 800,000 apartment can both qualify now — which wasn’t possible before. Who wins from this 👇 First-time buyers 🏠 You can enter the market below AED 750K and still get residency. Studio and 1BR buyers are now in the game. Couples & partners 💑 Joint purchases now give both investors residency rights. One property, two visas. Smaller investors 💼 Priced out before? The barrier just disappeared. Dubai opened the door to a wider pool of global talent and capital. The bigger signal 📡 While many countries make residency and investment more complex, Dubai keeps simplifying. Faster process. Lower barriers. More attractive to live, not just invest. This isn’t just about real estate. It’s about attracting people who want to build a life here, not just park capital. Smart policy creates smart growth 📈