Researchers hack AI-enabled robots to cause ‘real world’ harm  

A Texas member of the US House of Representatives has proposed that government officials consider installing cryptocurrency ATMs in federal buildings across the country.In a May 1 letter to Stephen Ehikian, the acting administrator of the General Services Administration (GSA) — the entity responsible for managing the US government’s properties — Rep. Lance Gooden claimed that introducing crypto ATMs to federal buildings would serve as an “educational resource” and reflect advances in financial technology. He requested that the GSA begin exploring the necessary guidelines and regulations needed to install such ATMs in government-controlled properties across the US, citing alignment with President Donald Trump’s goals.May 1 letter pitching crypto ATMs to GSA. Source: Rep. Lance GoodenAccording to financial disclosure reports filed with the US House of Representatives, Gooden had held no investments in cryptocurrency or ATM companies since taking office in 2019. He had not yet filed any financial disclosures with the government for 2025 investments.The GSA website stated it may provide space to ATMs from federal credit unions, but it was unclear whether the acting administrator had the authority to expand the regulations to include digital asset ATMs tied to private companies like Bitcoin Depot or CoinFlip. Cointelegraph reached out to Gooden’s office for comment but did not receive a response at the time of publication.Related: Eric Trump: USD1 will be used for $2B MGX investment in BinanceGooden, a Republican and Trump supporter, made the proposal as lawmakers in the US Senate consider legislation to crack down on fraud through crypto ATMs. In February, Illinois Senator Dick Durbin introduced the Crypto ATM Fraud Prevention Act, aimed at placing “common sense guardrails” against fraud affecting many senior citizens.Who would ultimately make the decision?It’s unclear whether Ehikian, a Trump appointee, would have the authority to unilaterally — or even with the president’s approval — install the crypto ATMs without an act of Congress to authorize funding. Cointelegraph reached out to the GSA for comment but did not receive a response at the time of publication.Trump has significant exposure to cryptocurrencies and digital asset firms through his personal holdings, presidential campaign funds, family-backed businesses, and the TRUMP memecoin. In April, the president announced a dinner in DC for top holders of his memecoin. Magazine: Trump’s crypto ventures raise conflict of interest, insider trading questions

Paolo Ardoino, CEO of stablecoin issuer Tether, addressed criticism over the company’s decision not to seek registration under the European Union’s Markets in Crypto-Assets (MiCA) framework, arguing that the regulations were risky for stablecoins.Speaking to Cointelegraph at the Token2049 conference in Dubai, Ardoino reiterated that Tether had no plans to apply for its US dollar-pegged stablecoin USDt — the largest by market capitalization — to be compliant under MiCA in European countries, potentially forcing exchanges to delist the stablecoin. He added that though crypto firms had to follow regulations, there was a “fear of compliance” among companies in the EU.“[…] MiCA license is very dangerous when it comes to stablecoins, and I believe that is even more dangerous for the small, medium banking system in Europe,” said the Tether CEO, adding that banks in the region could “go belly up” in the next few years thanks to MiCA’s requirements, such as keeping 60% of stablecoins reserves in insured cash deposits in European banks. Ardoino added:“I decided to not apply to the MiCA license because I need to protect the 400 million+ users that we have around the world. They are not as lucky as Europeans. I love Europe, but I think that unfortunately European Central Bank is more interested [in pushing] the digital euro as a way to control people and control how they spend their money.”Related: Paolo Ardoino: Competitors and politicians intend to ‘kill Tether’After years of planning and research, EU officials began to implement requirements under MiCA in December 2024. Tether, which is regulated and headquartered in El Salvador, is required to comply with MiCA regulatory requirements if offering products or services in EU member states.Since the regulations went into effect, many crypto exchanges acted to ensure their platforms listed MiCA-compliant tokens. Kraken delisted 5 stablecoins, including USDt, and Crypto.com announced plans to delist 10 stablecoins as of January. On nations establishing crypto reservesSpeaking on its intentions for operating in the United States, Ardoino said the country “would require a different type of product,” given the competition with local stablecoin issuers. He added that the US’s and other countries’ efforts to establish a Bitcoin (BTC) stockpile were “just inevitable.”“In the medium to long term, the more Bitcoin education, the more companies will set the example then everyone else will follow,” said the Tether CEO. “It’s never too late to buy Bitcoin.”Ardoino’s statements came the same day that Tether announced roughly $120 billion in exposure to US Treasurys as of the first quarter of 2025. As of May 1, USDt had a market capitalization of roughly $149 billion.Magazine: Crypto wanted to overthrow banks, now it’s becoming them in stablecoin fight

Opinion by: Vikash Singh, Principal Investor at StillmarkThe Bybit hack resulted in the largest loss of funds to cyber hackers by a cryptocurrency exchange in history. It served as a wake-up call for those complacent about the state of security threats in the digital assets space. Everyone must learn the lesson from this heist — enterprise-grade custody solutions require tech to be accompanied by transparency.Unlike many previous incidents, this loss of funds was not due to a faulty smart contract, lost/mismanaged keys or deliberate mismanagement or rehypothecation of user funds, but rather a sophisticated social engineering attack that exploited vulnerabilities in operational security. This hack differs from earlier eras because it happened to a major global exchange that takes security and compliance seriously. It’s a reminder that, in crypto, there’s no such thing as “good enough” security.The anatomy of a heist A technical overview of the Bybit attack is key for understanding how companies can proactively strengthen their security against such attacks. Initially, a developer machine belonging to Safe, an asset management platform offering multisig Ethereum wallets used by Bybit, was compromised. This initial breach granted the attackers unauthorized access to Safe’s Amazon Web Services (AWS) environment, including its S3 storage bucket. The attackers then pushed a malicious JavaScript file into this bucket, which was subsequently distributed to users via access to the Safe UI. The JS code manipulated the transaction content displayed to the user during the signing process, effectively tricking them into authorizing transfers to the attackers’ wallets while believing they were confirming legitimate transactions. Recent: CertiK exec explains how to keep crypto safe after Bybit hackThis highlights how even highly robust security at the technical level, like multisig, can be vulnerable if not implemented correctly. They can lull users into a false sense of security that can be fatal.Layered securityWhile multisignature security setups have long been considered the gold standard in digital asset security, the Bybit hack underscores the need for further analysis and transparency on the implementation of these systems, including the layers of security that exist to mitigate attacks that exploit operational security and the human layer in addition to verification of the smart contracts themselves. A robust security framework for safeguarding digital assets should prioritize multi-layered verification and restrict the scope of potential interactions. Such a framework demonstrably enhances protection against attacks.A well-designed system implements a thorough verification process for all transactions. For example, a triple-check verification system involves the mobile application verifying the server’s data, the server checking the mobile application’s data, and the hardware wallet verifying the server’s data. If any of these checks fail, the transaction will not be signed. This multi-layered approach contrasts with systems that directly interface with onchain contracts, potentially lacking critical server-side checks. These checks are essential for fault tolerance, especially if the user’s interface is compromised.A secure framework should limit the scope of possible interactions with digital asset vaults. Restricting actions to a minimal set, like sending, receiving and managing signers, reduces potential attack vectors associated with complex smart contract modifications.Using a dedicated mobile application for sensitive operations, like transaction creation and display, adds another security layer. Mobile platforms often offer better resistance to compromise and spoofing compared to browser-based wallets or multisig interfaces. This reliance on a dedicated application enhances the overall security posture.Transparency upgradesTo bolster transparency, businesses can leverage the capabilities of proof-of-reserve software. These can defend multisignature custody setups from UI-targeted attacks by providing an independent, self-auditable view of chain state/ownership and verifying that the correct set of keys is available to spend funds in a given address/contract (akin to a health check). As institutional adoption of Bitcoin (BTC) and digital assets continues, custody providers must transparently communicate such details on the security models of their systems in addition to the design decisions behind them: This is the true “gold standard” of crypto security. Transparency should extend to how the nature of the underlying protocols alters the attack surface of custody setups, including multisignature wallets. Bitcoin has prioritized human-verifiable transfers where signers confirm destination addresses directly rather than confirm engagement in complex smart contracts, which require additional steps/dependencies to reveal the flow of funds. In the case of the Bybit hack, this would enable the human signer to detect more easily that the address shown by the hardware wallet did not match the spoofed UI.While expressive smart contracts expand the application design space, they increase the attack surface and make formal security audits more challenging. Bitcoin’s well-established multisignature standards, including a native multisig opcode, create additional security barriers against such attacks. The Bitcoin protocol has historically favored simplicity in its design, which reduces the attack surface not just at the smart contracting layer but also at the UX/human layer, including hardware wallet users. Increasing regulatory acceptance shows how far Bitcoin has come since its early era of widespread hacks and frauds, but Bybit shows we must never let our guard slip. Bitcoin represents financial freedom — and the price of liberty is eternal vigilance.Opinion by: Vikash Singh, Principal Investor at Stillmark. This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.