Proton VPN ships WireGuard rewrite, eyes post-quantum encryption
Proton VPN's new client-side WireGuard codebase enters beta on Android and Windows, marking the largest infrastructure overhaul in the platform's history and setting the stage for post-quantum resistance.
Palo Alto VPN Flaw Under Active Exploit; CISA Adds to Federal Mandate
A critical authentication bypass in Palo Alto's widely-deployed GlobalProtect VPN is being actively exploited to breach corporate networks without valid credentials, forcing federal patching deadlines.
New York Court Halts Bid to Seize $293B in Dormant Bitcoin Wallets
A New York judge stayed a default judgment seeking to award 39,069 inactive Bitcoin wallets to a private claimant under abandoned-property law, but the July 14 hearing will test whether state courts can reach self-custodied crypto.
BitGo opens institutional Bitcoin to Lightning routing fees
BitGo Bank and Trust integrated Amboss Rails on June 11, moving Lightning routing from developer tool to regulated institutional product line.
Ledger audits Trezor's chip, finds unfixable flaw in Safe 7
Ledger's security team disclosed a laser fault injection vulnerability in Trezor Safe 7's open-source TROPIC01 chip, requiring a silicon revision and establishing cross-rival hardware audits as industry norm.
Fedimint backtracks to stability as production deployments scale
Fedimint's v0.11.2-alpha release signals the ecash project now maintains a separate production branch, revealing active federation deployments at scale.
Fedimint Forces Recurring Payments Migration, Launches Experimental Next-Gen Modules
Fedimint v0.11.2-alpha.1 removes LNv2 from its recurring payments daemon, forcing operator migration, while shipping experimental MintV2 and WalletV2 modules as opt-in federation components.
Fedimint's Gateway Fee-Sort Cuts Privacy Cost for Ecash Users
Fedimint v0.11.1 released April 21 automates lowest-fee Lightning gateway selection, reducing the per-transaction cost of privacy for federated ecash users.
Illinois bans sale of biometric data, forcing tech reckoning today
Illinois SB 340 passed the Senate 54–3 and faces a House vote today under final legislative deadline, outlawing sale of biometric data, geolocation, and health info without consent.
Apple, Google warn Canada encryption law would break security
Apple and Google testified before Parliament that Bill C-22 would force them to weaken encryption; Signal threatened market exit rather than comply.
Foundation ships Passport Prime, opens KeyOS to developers with $6.4M round
Foundation closed $6.4M led by Fulgur Ventures, launched Passport Prime hardware wallet with KeyOS OS to general availability, and opened developer platform to outside builders including Cake Wallet's 1M users.
Malmi Ships Nostr VPN v4.0.42, Kills the Server
Martti Malmi released Nostr VPN v4.0.42 today across five platforms, shipping the first production VPN that requires no email, account, or corporate server, a structural shift in how mesh networks authenticate.
Sparrow Wallet ships Silent Payments with hardware signer support
Sparrow Wallet 2.5.0 adds Silent Payments receiving for desktop users with airgapped hardware wallet signing, ending the privacy-vs-security tradeoff.
Canada's Tech Exodus: VPN Giants Join Signal in Threatening to Leave
Signal, Windscribe, and NordVPN are threatening to exit Canada over Bill C-22's encryption backdoor mandates, marking the first coordinated industry resistance to a Western surveillance law.
BitGo Embeds Lightning into Regulated Custody, First Federally Chartered Bank Move
BitGo, an OCC-supervised digital asset trust bank, now offers Lightning Network payments directly from qualified custody via Voltage partnership, removing infrastructure barriers for institutional clients.
Poland ditches Signal for state-controlled messenger amid APT campaigns
Poland's government ordered public officials to abandon Signal for a domestically controlled encrypted messenger, citing APT phishing, a move that prioritizes state control over cryptographic auditability.
CDT polling undercuts Canada's encryption crackdown
New polling data shows Canadians overwhelmingly oppose Bill C-22's surveillance powers, contradicting government claims as Signal, Windscribe, and NordVPN threaten to exit the country.
Meta kills Instagram encryption, handing law enforcement a win
Meta discontinued end-to-end encryption for Instagram DMs after May 8, 2026, citing low adoption and content moderation needs, reversing a prior privacy commitment.
Ledger and Trezor Commit to Clear Signing Standard
Hardware wallet makers Ledger and Trezor pledged to implement Ethereum's new Clear Signing standard by June 30, closing the blind-signing attack surface that enabled billions in crypto theft.
LQWD deploys 267 Bitcoin as live Lightning routing capital
A publicly-traded Lightning infrastructure operator now holds 267 BTC deployed directly as productive routing liquidity, signaling institutional commitment to Lightning as an asset class, not a passive treasury.
75% of Bitcoin hashrate joins protocol to strip pool operator control
Seven major mining pools including Foundry, AntPool, and F2Pool commit to Stratum V2, returning block construction decisions from pool operators to individual miners.
Bitcoin Core's First Memory Safety Bug Exposes 43% of Live Nodes
Bitcoin Core disclosed CVE-2024-52911, a memory safety vulnerability affecting versions 0.14.0-28.x; roughly 5,900 nodes remain unpatched despite the fix shipping in v29.0.
Block's Bitkey adds screen, finally closes hardware wallet's biggest hole
Block launched a new Bitkey hardware wallet with a secure touchscreen on April 27, addressing the original device's structural flaw: users had to blindly trust their phone to approve transactions and security settings.
Fedi ships direct payments from Stable Balance, sidestepping regulatory walls
Fedi v26.1.0 eliminates a friction point for non-technical users: direct payments from ecash without converting to Bitcoin first, positioning federated custody as the post-MiCA alternative to vanishing custodial wallets.
Tails Patches Critical Linux Kernel Flaw That Could Deanonymize Users
Tails 7.7.2 emergency release fixes CVE-2026-31431, a privilege escalation flaw that could chain with other exploits to compromise anonymity for journalists and activists using the privacy OS.
Cryptographers propose trustless proof for data marketplace payments
A new zero-knowledge system called ZK-Value would let data contributors cryptographically verify their earnings in AI training pipelines without trusting the operator's math.
Your Smart Home Is Broadcasting Your Routines to Neighbors
New research shows passive attackers can infer household activities from encrypted smart device traffic, lowering the surveillance bar from ISPs to next-door neighbors.
China pressures Zambia to cancel world's largest digital rights conference
RightsCon 2026, expected to draw 5,000+ participants, was canceled days before opening after Chinese diplomatic pressure on Zambia over Taiwanese civil society attendance.
Square Flips Bitcoin On for Millions of U.S. Merchants by Default
Block's Square platform automatically enabled Bitcoin Lightning payments for millions of eligible U.S. sellers, shifting from opt-in to opt-out with zero processing fees through 2026.
Cashu Adds Hardware Enclaves to Fix Its Biggest Trust Flaw
Cashu creator Calle announced non-custodial ecash mints using hardware enclaves where operators cannot access Bitcoin keys, eliminating the protocol's single largest trust weakness.