cloud

SlowMist has issued a security alert, detecting an active npm supply chain attack targeting @redhat-cloud-services related packages. Currently, over 31 packages have been confirmed affected, with a weekly download volume of approximately 116,000 times, and stolen credentials exist in more than 300 GitHub repositories. This attack method is highly similar to the previous "Shai-Hulud" npm attack, including credential theft, creation of malicious repositories, and automated secret leakage. New suspicious repositories continue to emerge, indicating that the attack is still ongoing, and developers are still being continuously infected.Potential harms include: theft of GitHub/npm tokens, leakage of AWS/GCP/Azure cloud credentials, collection of SSH keys and Kubernetes secrets, leakage of local environment and wallet data, creation of malicious repositories and persistence operations, and even potentially destructive actions after tokens are revoked. It is recommended to immediately remove or downgrade affected @redhat-cloud-services package versions, conduct a comprehensive audit of CI/CD workflows and dependency installations, rotate all GitHub, npm, cloud service, SSH, and wallet-related keys, retain logs, and rebuild exposed developer machines or Runners from clean images while maintaining a high level of vigilance.

The Huobi HTX VIP private class "AI + Trading from Theory to Practice" was held in Shanghai, where Cloud, the Chief Analyst of HTX Research, shared "New Trading Opportunities in the AI Era."He believes that AI is a huge gold mine waiting to be explored, and trading is the fastest and most efficient way to monetize AI. Ordinary traders face three major challenges: emotional interference, limited energy, and cognitive biases, which form the "impossible triangle" of trading. AI is the key to breaking this dilemma. AI can achieve objective and emotionless decision-making, large-scale parallel monitoring, surpass human pattern recognition capabilities, and multi-modal signal fusion, fundamentally reshaping trading decision logic.

According to Bloomberg, the Dutch government has blocked the proposed acquisition of Dutch cloud service provider Solvinity Group BV by the American company Kyndryl, citing security concerns. Dutch Minister of Digital Economy Willemijn Aerdts stated in a letter to Parliament on Tuesday, "The proposed acquisition of Solvinity may pose a risk to the public interest." She also announced a "complete ban" on the transaction, which was already close to completion.

According to on-chain analyst Yu Jin's monitoring, the exchange Kraken redeemed 50,600 ETH (107 million USD) from the restaking project EigenCloud. The total TVL of the restaking sector has dropped from 31 billion USD in August last year to 11 billion USD, and the TVL of the leading EigenCloud (formerly Eigenlayer) has decreased from 22 billion USD to 5.5 billion USD.

a16z crypto general partner Guy Wuollet pointed out that the financial industry is undergoing a "digital migration" similar to the era of cloud computing, with blockchain becoming the core infrastructure driving this transformation. Wall Street's adoption of blockchain is not driven by the idea of "decentralization," but rather by the practical needs for counterparty risk management, settlement efficiency, and fair ordering mechanisms.The so-called "digital assets" essentially represent the process of migrating the underlying architecture of the financial system onto the blockchain, similar to the transition of enterprise IT systems from on-premises deployment to cloud services. When financial assets operate on programmable shared infrastructure, it brings the core advantage of "composability," allowing assets to be freely combined and expanded like software, significantly reducing development costs and enhancing the overall innovation efficiency of the financial system. This trend will drive traditional finance from a "closed reconciliation system" to an "on-chain coordination network," and blockchain technology will gradually become a standard component of the financial infrastructure layer in this process.

LayerZero Labs released a report on the KelpDAO attack incident, confirming that the KelpDAO rsETH cross-chain bridge built on its cross-chain communication protocol was attacked, resulting in the theft of approximately 116,500 rsETH (about $292 million). Several security agencies, including Mandiant, CrowdStrike, and independent researchers, attributed the attack to the North Korean-related hacker group TraderTraitor (UNC4899).The report indicates that the attack began on March 6, 2026, when the attackers used social engineering techniques to compromise a LayerZero developer account, obtain session keys, and infiltrate the RPC cloud environment, further contaminating internal RPC node data and manipulating return results to deceive monitoring systems and the decentralized verification network (DVN).LayerZero Labs officially announced that it will adjust its security strategy, including no longer allowing its DVN to act as the sole signer in a single validation configuration, while also rebuilding the affected cloud infrastructure and introducing short-term credentials, instant permission upgrades, and multi-party approval mechanisms to enhance security.

According to The Wall Street Journal, Alphabet's Google and Blackstone plan to jointly create an artificial intelligence cloud company, centered around Google's proprietary chips, directly competing with rivals like CoreWeave. Blackstone will invest $5 billion in equity capital and hold a majority stake in the company. The deal was officially announced on Monday local time, and the name of the new company has not yet been disclosed.

According to monitoring by Catcher Predict, in the market prediction event on Polymarket "LoL: Cloud9 vs FlyQuest (BO3) - LCS Regular Season," the "both teams kill a dragon" sub-market's "yes" option win rate has experienced a sharp fluctuation, soaring from 49.5% an hour ago to the current 90% (a fluctuation of 40.5%). Please note the impact of related breaking news.

According to Globenewswire, NASDAQ-listed company IREN announced its latest financial report and disclosed that it has signed an AI cloud contract with NVIDIA worth $3.4 billion. IREN will deploy air-cooled Blackwell GPU infrastructure for NVIDIA, with a contract duration of 5 years.The financial report also showed that IREN is accelerating its transition from Bitcoin mining to AI cloud business, with the construction of data centers related to the $9.7 billion contract with Microsoft progressing. As of April 30, IREN held $2.6 billion in cash, and its revenue for the third quarter of fiscal year 2026 was $144.8 million, down from $184.7 million in the previous quarter, with a net loss of $247.8 million impacted by non-cash impairment related to the elimination of mining machines.

According to a report by Reuters, the American cybersecurity service company Cloudflare announced it will lay off about 20%, or more than 1,100 employees, to reorganize operations around the application of AI tools. CEO Matthew Prince stated that the company is redesigning each team and function to adapt to the era of agent-based AI.Cloudflare stated that its own AI usage has increased more than sixfold over the past three months, and this layoff is a redesign of internal processes and positions, rather than due to employee performance or short-term cost pressures. Cloudflare expects second-quarter revenue to be around $664 million to $665 million, slightly below the analyst expectation of $665.3 million.

According to CNBC, Google's stock price surged significantly after hours, briefly surpassing Nvidia's market value. The driving factor was a report stating that Anthropic has committed to paying $20 billion to Google Cloud over five years. If the deal is true, Anthropic will contribute over 40% of Google's future contract cloud revenue.

Google Cloud and the Solana Foundation have jointly launched a payment system for AI agents called Pay.sh, which supports on-demand payment of API call fees on the Solana chain using stablecoins. This system is based on the x402 protocol incubated by Coinbase, allowing AI agents to discover, invoke, and pay for API resources without the need to register an account or subscribe to services, achieving a "pay-as-you-go" micropayment model.It is reported that AI agents can bind a Solana wallet as an identity identifier and automatically complete payments by recharging their balance with stablecoins or credit cards when invoking cloud services such as data analysis and model inference. Pay.sh operates on top of Google Cloud and connects backend services through an API proxy layer, such as large model calls and container applications. In addition, the system is compatible with the Machine Payments Protocol (MPP) and connects to over 50 API service providers, covering scenarios such as communication, e-commerce, and on-chain data. Officials state that this model helps promote the development of the "Agentic Economy," enabling AI agents to autonomously consume and invoke internet services.

According to The Block, Bitcoin mining company IREN Limited has agreed to acquire cloud infrastructure software company Mirantis for approximately $625 million in an all-stock transaction to enhance its AI cloud business layout.This acquisition will bring critical software and "orchestration" capabilities to IREN, helping it better monetize its expanding GPU and data center resources. Mirantis focuses on Kubernetes-based cloud infrastructure tools that enable automated deployment, scaling, and management of containerized applications.Analysts point out that the transaction values Mirantis at about 4 to 5 times its revenue, aimed at helping IREN catch up with AI cloud competitors like CoreWeave and build a complete "full-stack new cloud" capability.This merger is also an important step for IREN in its transformation from a Bitcoin mining company to an AI infrastructure platform. Previously, the company had raised approximately $3.6 billion through equity and convertible bond financing to expand its GPU and data center capacity, with total construction investments expected to exceed $9 billion. After the transaction is completed, Mirantis is expected to operate as an independent subsidiary.

According to GlobeNewswire, Bitcoin mining hosting and cloud services company Applied Digital announced that it has secured a $300 million senior secured bridge loan led by Goldman Sachs to advance its AI data center project construction.This financing is secured by project assets, can be repaid early without penalty, and will seek additional long-term financing in the future to support the development and construction of the AI data center.

According to The Block, AWS Marketplace has integrated data services such as Chainlink's Data Feeds, Data Streams, and Proof of Reserve, supporting developers in connecting AWS's computing, storage, database, and API capabilities with blockchain smart contracts.AWS stated that the Chainlink oracle infrastructure provides a secure two-way connection between AWS resources and on-chain smart contracts, making it easier for institutions to develop applications that interact with tokenized assets and smart contracts in a familiar AWS environment.

According to Jinshi reports, Alibaba Cloud has officially launched the enterprise-level intelligent agent construction platform ------ JVS Crew. JVS Crew is designed with the concept of "being integrated," allowing enterprises to quickly embed it into existing apps, SaaS services, or smart hardware, gaining production-level AIAgent construction capabilities with zero barriers.80% of platform-level heavy lifting, such as multi-tenant isolation, security compliance, cost accounting, and channel access, is unified by JVS Crew. With built-in atomic APIs and SDKs, intelligent agent capabilities can be rapidly developed on existing products, achieving the leap from "individual shrimp farming" to "mass production of lobsters." Currently, JVS Crew has been launched on the Alibaba Cloud official website, where enterprise users and developers can learn about product details and apply for testing.

The 0G Foundation announced a partnership with Alibaba Cloud to launch on-chain access to the Qianwen large model for AI agents.This move shifts artificial intelligence infrastructure from centralized, API-based systems to programmable, tokenized access specifically designed for autonomous agents. Through this collaboration, 0G allows developers to directly embed access to Qianwen into their infrastructure via a token-based mechanism. This eliminates the need for traditional account management and enables on-demand programmable access to AI computation. Agents running on 0G can query the Qianwen large model to generate responses, process information, or execute tasks in real-time.Michael Heinrich, CEO and co-founder of 0G Labs, stated, "From a macro perspective, inference runs on Qianwen, and verification runs on 0G—this builds a more complete computational and trust foundation for autonomous AI systems. The integration of 0G with Alibaba Cloud's Qianwen marks a milestone, achieving the fusion of top-tier intelligence and trusted infrastructure."

According to official news, the cloud hosting platform Vercel has confirmed that a security incident has occurred, involving unauthorized access to some internal systems.Currently, only a small number of customers have been confirmed to be affected, and Vercel is communicating directly with the relevant customers. Vercel stated that its services are still operating normally, and it has initiated an investigation and hired incident response experts to assist in handling the situation, while also notifying law enforcement.Vercel recommends that all customers review their environment variables and use the sensitive environment variable feature to enhance security protection.

At the "Crypto 2026: From Cryptocurrency to Smart Economy" themed forum held in Hong Kong, Tencent Cloud's industry architect Alan Nie delivered a keynote speech titled "Cloud + AI Dual Engine: Tencent Cloud Empowers New Growth in Web3."Alan Nie pointed out that Web3 enterprises face three major bottlenecks in global infrastructure, R&D efficiency, and business intelligence. Tencent Cloud deeply integrates the "Cloud + AI" dual engine to provide low-latency infrastructure covering the globe. Among them, the Singapore data center is the only cloud provider in the world that offers four availability zones, and the self-developed TDSQL-C database can achieve elastic scaling in seconds, with Redis single-node performance reaching over 300,000.In terms of AI empowerment, Tencent Cloud launched CodeBuddy (AI Pair Programmer) and WorkBuddy (Personal AI Assistant), which can automatically generate code, batch process office documents, organize meeting minutes, and support multi-agent parallel execution of complex tasks. In financial scenarios, the automation research report reproduction cycle has been shortened from three days to half a day; in on-chain data analysis scenarios, storage costs have been reduced to one-tenth of the original, with query responses reaching millisecond levels.Alan Nie stated that Tencent Cloud is committed to using the "Cloud + AI" dual engine to help Web3 enterprises build the next generation of smart economic infrastructure.