News linked to both this project and an event.
Sui announced on X platform that confidential transfers are now open for public testing on Sui Devnet, where transfer amounts and balances remain private, with controlled visibility for compliance and auditing purposes.
Prediction market platform Kalshi has submitted a self-certification application to launch derivatives linked to Ethereum, XRP, Solana, Dogecoin, Stellar, Chainlink, Bitcoin Cash, Litecoin, Sui, Shiba Inu, Polkadot, and Hedera. This follows the CFTC's approval of Bitcoin perpetual futures last Friday. The CFTC stated that perpetual futures products that US companies intend to list, other than Bitcoin, will be reviewed on a case-by-case basis, and noted that the design of such derivatives may not be suitable for all asset classes. Therefore, this batch of products submitted by Kalshi has not yet been approved.
According to on-chain analyst PeckShield (@PeckShieldAlert), SlowMist’s threat intelligence system MistEye has detected a cross-registry supply chain attack targeting developers. Malicious packages have spread across three major registries—npm, PyPI, and Crates.io—comprising over 34 malicious packages and more than 384 related versions. The attack targets developer communities in cryptocurrency, DeFi, Solana, Sui/Move, and AI. It may lead to the theft of cryptocurrency wallets, SSH keys, cloud credentials, GitHub/AWS tokens, browser data, and other sensitive developer information. Some malicious payloads also attempt persistence via mechanisms including `.cursorrules`, `CLAUDE.md`, Git hooks, cron, systemd, and SSH. SlowMist recommends immediately removing affected packages, isolating compromised systems, rotating exposed credentials, rebuilding CI environments and developer machines from clean images, and conducting comprehensive reviews of GitHub, cloud, SSH, and wallet-related activities.
According to an official announcement by Volo, a security vulnerability occurred today on the Sui network involving Volo—a BTCFi and LST protocol—resulting in the theft of approximately $3.5 million in assets (including WBTC, XAUm, and USDC) from three specific vaults. Immediately after the incident, the team notified the Sui Foundation and ecosystem partners and froze all vaults to prevent further losses. Volo stated that the vulnerability affected only these three vaults; the remaining vaults are not exposed to the same attack vector, and the other ~$28 million in TVL remains secure. The official announcement emphasized that Volo will bear the loss entirely and will not pass it on to users. A comprehensive post-mortem report and remediation plan will be released upon completion of the investigation.