hodler

11 Mar 2026, 21:40

Chinese gov't and state-owned firms are warning employees to avoid installing OpenClaw on work devices

div]:bg-bg-000/50 [&_pre>div]:border-0.5 [&_pre>div]:border-border-400 [&_.ignore-pre-bg>div]:bg-transparent [&_.standard-markdown_:is(p,blockquote,h1,h2,h3,h4,h5,h6)]:pl-2 [&_.standard-markdown_:is(p,blockquote,ul,ol,h1,h2,h3,h4,h5,h6)]:pr-8 [&_.progressive-markdown_:is(p,blockquote,h1,h2,h3,h4,h5,h6)]:pl-2 [&_.progressive-markdown_:is(p,blockquote,ul,ol,h1,h2,h3,h4,h5,h6)]:pr-8"> _*]:min-w-0 gap-3 standard-markdown"> Chinese government bodies and state-owned companies have told employees to stay away from OpenClaw after officials raised concerns it could put sensitive data at risk. Two people familiar with the matter said the warnings went out in recent days, telling staff not to install the software on work devices. One source said employees at state-owned enterprises were told by regulators to avoid it altogether, in some cases even on personal phones and computers. The second source, from a Chinese government agency, told Reuters no outright ban had been issued at their workplace, but staff were warned about safety risks and told not to install it. The National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC) also issued a security advisory noting that improper installation and use of OpenClaw agents have already led to several serious security concerns. Among the key threats highlighted is “prompt injection,” where attackers embed hidden malicious instructions in web pages that, if read by OpenClaw, could trick the system into leaking sensitive information such as system keys. CNCERT/CC also warned of “misoperation” risks, where OpenClaw may misunderstand user commands and mistakenly delete critical data, including emails or core production information. The software was built by Peter Steinberger, an Austrian developer, who put it on GitHub last November. He was hired by OpenAI last month. In China, it caught on quickly. The phrase “raising a lobster,” a reference to the app’s lobster logo, spread across Chinese social media, and the tool was soon taken up by major tech companies and some local governments. Investor enthusiasm sends stocks surging Tencent shares jumped 7.3% after the company unveiled compatible products, while startup MiniMax climbed more than 20% as investors bet on the trend. Tencent launched Workbuddy, which connects to popular Chinese office apps. ByteDance introduced ArkClaw, a cloud-based version that needs no installation. Alibaba released CoPaw, which works with messaging platforms like DingTalk and Feishu. Zhipu AI launched AutoClaw, making setup as easy as downloading a regular app. Local governments were quick to follow. Shenzhen’s Longgang district put forward a draft policy encouraging free deployment services and subsidies for developers. Wuxi’s high-tech district in Jiangsu province announced grants of between 1 million yuan and 5 million yuan, roughly $144,774 to $723,871, for businesses that put the tool to use. All of this sat under Beijing’s “AI plus” plan, which aims to push artificial intelligence into industries across the country. Users report data confusion, weak controls, and misread commands The fast uptake has not been without problems. A research center under Shenzhen’s municipal health commission held a training session last week that drew thousands of attendees. Complaints from users also came in. The tool sometimes misread instructions, had weak access controls, and left people unsure about where their data ended up. How far the restrictions will go is still unclear, including whether they will affect local subsidy programs tied to OpenClaw . Futian district in Shenzhen reportedly used the software to build an assistant for civil servants, according to state-owned Southern Daily. The smartest crypto minds already read our newsletter. Want in? Join them .

11 Mar 2026, 18:55

Meta’s Strategic Moltbook Acquisition Reveals a Bold Vision for the Agentic Web

BitcoinWorld Meta’s Strategic Moltbook Acquisition Reveals a Bold Vision for the Agentic Web In a move that initially puzzled industry observers, Meta’s acquisition of Moltbook, the social network for AI agents, represents a profound strategic investment not in bots, but in the foundational architecture of the future internet: the agentic web. This acquisition, confirmed on Tuesday, June 9, from Meta’s headquarters in Menlo Park, California, signals a pivotal shift in how the tech giant envisions the next era of digital interaction, commerce, and, ultimately, its core advertising business. Decoding Meta’s Moltbook Acquisition Strategy Meta’s official statement on the deal was notably brief, confirming only that the Moltbook team would join Meta Superintelligence Labs to explore “new ways for AI agents to work with people and businesses.” Industry analysts widely interpret this as an acqui-hire, a talent-focused acquisition. The primary asset Meta sought was not Moltbook’s user base of autonomous agents, but the innovative team behind it—experts actively prototyping and conceptualizing complex AI agent ecosystems. This talent pool is now positioned within Meta’s advanced AI research division, tasked with building the infrastructure for a web where AI acts independently on behalf of users and businesses. This strategic direction aligns directly with long-stated ambitions from Meta CEO Mark Zuckerberg. Last year, he publicly forecast a future where “every business will soon have a business AI, just like they have an email address, social media account, and website.” The Moltbook acquisition provides Meta with specialized human capital to accelerate this vision, moving from theory to tangible development. The Core Concept: From Social Graph to Agent Graph Meta’s historical strength lies in mapping human relationships through the “social graph” or “friend graph.” On an agentic web, a parallel and equally critical structure emerges: the “agent graph.” This system would map connections, permissions, and capabilities between various AI agents, enabling them to discover, interact, and transact with each other securely and efficiently. The development of such a graph is a complex computational and sociological challenge, one the former Moltbook team is now uniquely positioned to tackle within Meta’s vast resources. The Transformative Potential of the Agentic Web The agentic web promises to automate and personalize a vast array of online activities. For businesses, AI agents could autonomously manage advertising campaigns, adjust product pricing in real-time, generate personalized marketing content, and handle customer service interactions. For consumers, personal AI agents could scout for the best deals, manage travel itineraries, schedule appointments, and even complete purchases based on predefined preferences. Current applications, often called agentic commerce, remain in early stages. Systems can sometimes malfunction or misinterpret instructions. However, the pace of improvement in large language models and reasoning engines suggests these capabilities will mature rapidly. The market is already moving, with tools emerging for agentic coding, automated research, and smart shopping assistants. Key domains for agentic web impact include: E-commerce: Agents negotiating price, arranging delivery, and managing returns. Travel & Hospitality: Agents comparing flights, booking hotels, and reserving restaurants based on complex user criteria. Digital Advertising: A fundamental shift from human-centric ad displays to agent-to-agent negotiations for product placement and promotions. Enterprise Productivity: Agents coordinating between departments, scheduling cross-company meetings, and synthesizing research. Redefining Advertising for an Agent-Centric World The implications for Meta’s primary revenue stream—advertising—are potentially revolutionary. Today, ads target human psychology: grabbing attention and inspiring a click. In an agent-mediated future, the dynamic changes fundamentally. A consumer’s shopping agent, programmed with specific goals (e.g., “find sustainable sneakers under $100”), would interact directly with a retailer’s sales agent. Advertising becomes less about broad persuasion and more about precise, programmatic matching. Meta could position itself at the critical “orchestration layer”—the system that facilitates, ranks, and secures these agent-to-agent interactions. This layer could command premium fees, expanding Meta’s ads business into a new, high-value territory of AI-driven transaction facilitation. The Competitive Landscape and Talent Wars The acquisition also reflects the intense competition for top AI talent. Reports indicate Meta was previously interested in acquiring Peter Steinberger, the creator of the OpenClaw personal AI assistant that populated Moltbook. Steinberger ultimately joined rival OpenAI. By acquiring Moltbook, Meta secured a team deeply familiar with the ecosystem Steinberger helped create, ensuring it retains a foothold in this cutting-edge domain. This move keeps Meta Superintelligence Labs at the forefront of industry conversation and development. Challenges and Consumer Adoption Hurdles Meta’s ambitious bet hinges on a critical unknown: widespread consumer trust. Users must be willing to delegate significant decision-making and transactional authority to autonomous AI agents. Concerns about privacy, security, agent error, and loss of control present substantial adoption barriers. The success of tools like OpenClaw suggests a growing cohort of early adopters, but bridging the gap to the mainstream requires demonstrable reliability, transparency, and user benefit. Furthermore, the technical and ethical frameworks for an agentic web are still being written. Standards for interoperability, security protocols, liability for agent actions, and prevention of malicious automated systems are all unresolved challenges that Meta and the broader industry must address. Conclusion Meta’s acquisition of Moltbook is far more significant than a simple purchase of a niche social network. It is a strategic acqui-hire that positions the company at the forefront of building the agentic web. By integrating Moltbook’s pioneering team into Meta Superintelligence Labs, Meta is investing in the infrastructure—the “agent graph”—that could underpin the next generation of the internet. While consumer adoption and technical hurdles remain, this move clearly signals Meta’s intention to evolve its advertising-driven business model for a future where AI agents, not just humans, are primary actors in the digital economy. The development of this agentic web will likely define the next phase of competition among tech giants. FAQs Q1: What is the agentic web? The agentic web is a conceptual future internet where autonomous AI software agents act on behalf of users and businesses. These agents can interact with each other to perform tasks like shopping, booking travel, managing schedules, and negotiating transactions without constant human input. Q2: Why would Meta, an advertising company, buy a social network for AI bots? Meta’s primary interest was likely an “acqui-hire”—securing the talented team behind Moltbook who are experts in building AI agent ecosystems. This talent will help Meta develop the underlying technology for the agentic web, which could create new, AI-driven advertising and transaction platforms in the future. Q3: What is an “agent graph” and how is it related to Meta? Similar to Meta’s “social graph” that maps human connections, an “agent graph” would map the relationships, permissions, and capabilities between different AI agents. Developing this graph is a key technical challenge for creating a functional agentic web, and it’s an area where Meta’s new team from Moltbook can contribute significantly. Q4: How could the agentic web change online shopping? Instead of manually browsing websites, users could delegate shopping to a personal AI agent. This agent, knowing your preferences, budget, and values, would autonomously search the web, compare products, negotiate with retailer AI agents, and complete purchases, presenting you with the final best option or executing the transaction directly. Q5: What are the biggest challenges facing the development of the agentic web? Major challenges include establishing user trust in autonomous agents, creating secure and standardized protocols for agent-to-agent communication, ensuring privacy and data security, defining legal liability for agent actions, and preventing the proliferation of malicious or spammy AI agents. This post Meta’s Strategic Moltbook Acquisition Reveals a Bold Vision for the Agentic Web first appeared on BitcoinWorld .

11 Mar 2026, 16:28

Anthropic faces new executive order threat as lawsuit over Pentagon ban unfolds

The Trump administration is drafting an executive order against Anthropic, the San Francisco AI startup behind Claude, even as a federal lawsuit over an existing government ban on the company plays out in court. Sources familiar with the matter say White House officials are preparing the order. The move is notable because it comes while Anthropic’s legal challenge to earlier government restrictions is still pending. The company sued after it said it was shut out of competing for defense contracts. When asked whether the administration planned further steps beyond the executive order, White House official did not say no. He told Axios any policy announcement will come directly from” Trump and the “discussion about potential executive orders is speculation.” The dispute traces back to Defense Secretary Pete Hegseth, who last month branded Anthropic a “supply chain risk” after contract talks with the Pentagon broke down. On February 27, Hegseth wrote on X, “Effective immediately, no contractor, supplier, or partner that does business with the United States military may conduct any commercial activity with Anthropic.” Anthropic says in court that the ban is retaliation for CEO Dario Amodei’s refusal to allow Claude to be used for mass surveillance or autonomous weapons. Government pressuring Anthropic customers to switch, lawyer says The harm, the company’s lawyers say, is already showing up. At a court status conference last Tuesday, attorney Michael Mongan said the blacklisting is doing “real and irreparable harm” to Anthropic every single day. Customers are pulling back, he said, and the government has been reaching out to them directly to encourage them to switch to other AI companies. “We’ve had university systems and business-to-business companies that have switched to competing AI companies,” Mongan told the court. “Defendants have been affirmatively reaching out to our customers and pressuring them to stop working with Anthropic and switch to other AI companies.” Court filings put numbers on the damage. Anthropic has generated over $5 billion in total commercial revenue to date and spent $10 billion on model training and computing. The company warned that at minimum, hundreds of millions of dollars in 2026 revenue is now at risk. In the worst case, it could be several billion. Dozens of companies have called Anthropic asking what the ban means for them, in some cases asking whether they can walk away from their contracts. Amazon, Alphabet, and Microsoft have all said they will continue offering Claude to customers for now. Why the rest of Big Tech is watching closely The fight matters well beyond Anthropic. The entire AI supply chain, including some of the biggest names in tech, is tangled up in the fortunes of a handful of companies. Microsoft said last month that 45 percent of its $625 billion backlog of demand is tied to OpenAI. OpenAI itself has a $300 billion agreement with Oracle. Those two deals alone represent about two-thirds of the roughly $800 billion that HSBC estimates OpenAI will pour into chips and data centers. The rest goes to companies like Nvidia, AMD, Amazon, and CoreWeave. Anthropic’s spending plans run into the billions as well, and the Pentagon standoff now raises questions about whether those plans can move forward. The timing is particularly awkward because Anthropic is reportedly planning to go public this year. A prolonged government fight is not the backdrop any company wants heading into an IPO. For all the concern, though, if things went badly wrong for Anthropic, someone would probably buy the company before it collapsed. Anthropic reshuffles from inside On Wednesday, Anthropic also said it is creating a new in-house research group called the Anthropic Institute , formed by merging three existing teams. The group will look at how advanced AI affects jobs and economies, whether it makes the world safer or more dangerous, how the values baked into AI systems might rub off on people, and whether humans can keep meaningful control as the technology grows more powerful. The news came with a reshuffling at the top. Jack Clark, one of the company’s co-founders, is stepping down as head of public policy after more than five years and will now lead the new institute under the title of head of public benefit. His replacement on the policy side is Sarah Heck, who was previously head of external affairs. The policy team, which grew three times larger in 2025, will keep working on national security, AI infrastructure, energy, and what Anthropic describes as democratic leadership in AI. The company also plans to open a Washington, D.C. office. Clark said the shift came down to the pace of change in AI. When he looked back at his work last year, he realized he had spent more time on legislation like California’s SB 53 than on the AI research questions he cared most about. He said he thinks powerful AI, the kind the industry often calls AGI, will be here by the end of 2025 or early 2027. When asked if it made sense to build out long-term research while the company’s short-term income is under threat, Clark said he had no worries. “People tend to buy trust,” he said. “Long-term, Anthropic has always viewed its investment in safety, and studying and reporting on the safety of its systems, as being not a cost center but a profit center.” If you want a calmer entry point into DeFi crypto without the usual hype, start with this free video.

11 Mar 2026, 14:41

Mastercard recruits 85 partners to new crypto program, including Circle, PayPal

More on Mastercard, Circle Internet Group, Inc., etc. PayPal: A Classic Value Trap Mastercard Incorporated (MA) Presents at Wolfe Research FinTech Forum Transcript Mastercard's Shift From Payments To Software Big banks in top losers; Circle Internet, Coinbase, SoFi among gainers - week's financials wrap CleanSpark continues to see highest short interest among crypto firms with over $2B market cap

11 Mar 2026, 13:50

Ledger Crypto Vulnerability: Critical Security Flaw Exposes MediaTek Android Phones to Devastating Theft

BitcoinWorld Ledger Crypto Vulnerability: Critical Security Flaw Exposes MediaTek Android Phones to Devastating Theft In a significant cybersecurity development, hardware wallet manufacturer Ledger has uncovered a critical vulnerability affecting millions of Android smartphones globally. This security flaw, discovered by Ledger’s internal research team and reported by The Block, specifically targets devices powered by MediaTek processors. Consequently, this vulnerability enables attackers with physical access to decrypt protected data and extract cryptocurrency private keys through a simple USB connection. MediaTek chips power approximately 25% of the world’s Android devices, making this discovery particularly alarming for mobile cryptocurrency users. Ledger Crypto Vulnerability: Technical Breakdown and Discovery Ledger’s security research team, known for its expertise in cryptographic systems, identified the flaw within the firmware of Android smartphones utilizing MediaTek System-on-Chip (SoC) designs. The vulnerability resides in how certain secure processes handle encryption during specific operational states. Researchers found that an attacker could exploit this weakness when the device is in a particular mode, bypassing standard security protocols. This exploitation does not require sophisticated jailbreaking or rooting techniques. Instead, it leverages legitimate system interfaces in an unintended manner. The discovery process involved months of rigorous testing and reverse engineering within Ledger’s Donjon security division, which routinely audits various hardware and software systems in the cryptocurrency ecosystem. Furthermore, the research highlights a growing concern about supply chain security in mobile computing. MediaTek, a Taiwanese semiconductor company, provides chipsets for numerous smartphone manufacturers, including Xiaomi, Oppo, Vivo, and Realme. These manufacturers then implement their own software layers atop the base Android operating system. This layered approach sometimes creates security gaps where firmware-level vulnerabilities can persist across different device models. Ledger’s disclosure follows responsible disclosure protocols, with the company notifying MediaTek and relevant device manufacturers before public announcement. The coordinated response aims to provide patches before malicious actors widely exploit the weakness. MediaTek Android Security Flaw: Scope and Immediate Impact The immediate impact of this MediaTek Android security flaw is substantial due to the vast installed base of vulnerable devices. With MediaTek commanding roughly a quarter of the global Android processor market, hundreds of millions of smartphones could potentially be at risk. The vulnerability specifically allows for what security professionals term a “cold boot” attack variant, where data thought to be encrypted in memory becomes accessible. When combined with physical access to the device’s USB port, this can lead to the complete extraction of sensitive information. For cryptocurrency users, the most devastating outcome is the theft of private keys stored within mobile wallet applications. These keys, once compromised, grant irreversible access to digital assets. Industry analysts quickly noted the broader implications for mobile banking, enterprise authentication, and secure communications. Many of these services rely on similar encryption mechanisms within the Android security framework. While the primary report focuses on cryptocurrency theft, the same exploit could potentially compromise two-factor authentication apps, password managers, and corporate VPN credentials. The table below outlines the key risk factors associated with this vulnerability: Risk Factor Description Affected Systems Private Key Extraction Direct theft of cryptographic keys from wallet apps All mobile cryptocurrency wallets Data Decryption Access to encrypted files and app data Device storage, secure folders Physical Access Requirement Attacker needs direct USB connection Limits remote attacks but enables theft if device is lost/stolen Patch Dependency Relies on manufacturer firmware updates Varied update schedules across brands Security experts emphasize that the requirement for physical access significantly reduces the attack surface compared to remotely exploitable vulnerabilities. However, they also warn that lost or stolen devices become immediate targets. Additionally, sophisticated attackers might social engineer temporary access to devices in corporate or high-value individual settings. The window of exposure begins from the moment a device leaves its owner’s control until the user applies the necessary security patch. Expert Analysis: The Evolving Mobile Security Landscape Cybersecurity professionals point to this discovery as part of a concerning trend in mobile device security. As smartphones increasingly function as primary computing devices and digital identity hubs, they become more attractive targets for advanced attacks. The integration of complex hardware from vendors like MediaTek, Qualcomm, and Samsung with open-source Android software creates a challenging security environment. Each layer—hardware, firmware, operating system, and applications—must maintain perfect security alignment to prevent exploits. Ledger’s research demonstrates how vulnerabilities can exist at the firmware level, often overlooked by application-focused security scans. Moreover, the cryptocurrency angle adds urgency to the response. Unlike traditional financial systems, blockchain transactions are irreversible and pseudonymous. Once assets move from a compromised wallet, recovery is typically impossible. This reality makes preventive security absolutely critical for cryptocurrency holders. The discovery also validates the security community’s long-standing recommendation against storing significant cryptocurrency value in mobile hot wallets, especially on devices with known vulnerabilities. Instead, experts consistently advocate for hardware wallets or multisignature solutions for substantial holdings, keeping mobile wallets for smaller, daily-use amounts. Protective Measures and User Recommendations Ledger’s primary advisory urges all users of MediaTek-powered Android devices to immediately apply any available security updates from their phone manufacturer. These over-the-air (OTA) updates often contain critical firmware patches that address discovered vulnerabilities. Users should navigate to Settings > System > System Update to check for and install pending updates. Beyond patching, security professionals recommend several additional protective measures: Enable full device encryption with a strong passcode (not just a pattern or simple PIN) Use hardware security keys or dedicated hardware wallets for cryptocurrency storage Implement biometric authentication where available to add a layer of physical security Avoid storing private keys or seed phrases in plain text on mobile devices Be cautious with USB connections to untrusted computers or charging stations Regularly review app permissions and remove unnecessary access to sensitive functions For cryptocurrency enthusiasts, the incident serves as a stark reminder of operational security fundamentals. Diversifying storage across different types of wallets reduces single points of failure. Furthermore, understanding the security model of your chosen wallet application is essential. Some wallets implement additional encryption layers or secure enclave usage that might mitigate certain firmware-level attacks. However, as this vulnerability demonstrates, the underlying hardware and firmware foundation ultimately determines the security ceiling for all applications running on the device. Conclusion The discovery of this Ledger crypto vulnerability in MediaTek-powered Android phones represents a critical moment for mobile security and cryptocurrency protection. It underscores the complex interdependencies between hardware manufacturers, software developers, and end-user security practices. While the immediate risk requires users to apply security patches promptly, the broader lesson emphasizes the importance of defense-in-depth strategies for digital asset protection. As the mobile ecosystem continues to evolve, ongoing vigilance and adoption of robust security practices remain the most effective defenses against increasingly sophisticated threats targeting our most personal computing devices. FAQs Q1: How do I know if my Android phone uses a MediaTek processor? You can check your device’s processor information in the Settings menu under “About Phone” or “System Information.” Look for the “Hardware” or “Processor” section. Common MediaTek chip series include Dimensity, Helio, and MT series. Alternatively, use a system information app from a trusted developer. Q2: Does this vulnerability affect iPhones or other non-Android devices? No, this specific vulnerability is confined to the Android operating system running on particular MediaTek chipset configurations. Apple’s iOS uses different hardware and software architectures. However, all device owners should maintain regular security updates as best practice. Q3: Can this attack be performed remotely over the internet? According to Ledger’s disclosure, the exploit requires physical access to the device’s USB port. There is no evidence of remote exploitation capability. This significantly limits the attack vector but makes lost, stolen, or unattended devices particularly vulnerable. Q4: What should I do if I cannot get a security update for my phone? If your device manufacturer no longer provides security updates, consider upgrading to a supported device, especially for security-sensitive activities like cryptocurrency management. As an interim measure, avoid storing sensitive data on the device, use strong authentication, and consider it a higher-risk platform. Q5: Are hardware wallets like Ledger devices themselves affected by this vulnerability? No, dedicated hardware wallets operate on entirely separate, purpose-built secure elements. They are designed to keep private keys isolated from general-purpose computing environments like smartphones and computers, which is why they remain recommended for securing significant cryptocurrency holdings. This post Ledger Crypto Vulnerability: Critical Security Flaw Exposes MediaTek Android Phones to Devastating Theft first appeared on BitcoinWorld .

11 Mar 2026, 11:16

RippleX Head of Research Shares XRP Vision in Harvard Business School Discussion

Ripple sees a huge opportunity ahead, with XRP at the center of it.