Monat: November 2025

Veröffentlicht am

Shai Hulud malware hits NPM as crypto libraries face a growing security crisis

  • The infection includes at least 10 major crypto packages linked to the ENS ecosystem.
  • A previous NPM attack in early September resulted in 50 million dollars in stolen crypto.
  • Researchers found more than 25,000 affected repositories during the investigation.

A new round of NPM infections has triggered concern across the JavaScript community as the Shai Hulud malware continues to move through hundreds of software libraries.

Aikido Security has confirmed that more than 400 NPM packages have been compromised, including at least 10 widely used across the crypto ecosystem.

The scale of the issue places developers under immediate pressure to assess the risk, especially those working with blockchain tools and applications.

The disclosure came on Monday when Aikido Security released a detailed list of contaminated libraries following a review of unusual behaviour on NPM.

A separate post from researcher Charles Eriksen also highlighted the infection list on X, drawing attention to key ENS packages involved in the incident.

The infections appear to be tied to an active supply chain attack that has been unfolding in recent weeks, adding momentum to a pattern of escalating security incidents within JavaScript infrastructure.

Threat expands beyond earlier NPM attacks

The surge in infections follows a major NPM breach in early September. That earlier case ended with attackers stealing 50 million dollars worth of crypto, making it one of the largest supply chain incidents linked directly to digital asset theft.

According to Amazon Web Services, the attack was followed within a week by the appearance of Shai Hulud, which began spreading autonomously across projects.

While the initial September incident targeted crypto assets directly, Shai Hulud operates differently. It focuses on collecting credentials from any environment that downloads an infected package. If wallet keys happen to be present, they are treated like any other secret and extracted.

This shift in behaviour makes the new incident broader in scope.

Instead of aiming at a single objective, the malware integrates itself into developer workflows and moves through dependency chains, increasing the chance of accidental exposure across both crypto and non-crypto projects.

ENS packages heavily affected

The crypto packages affected in the latest review show a clear concentration around the Ethereum Name Service ecosystem. Several ENS-related libraries, many with tens of thousands of weekly downloads, appear on the compromised list.

These include content-hash, address-encoder, ensjs, ens-validation, ethereum-ens, and ens-contracts.

To support the findings, Eriksen shared a detailed X post outlining the compromised ENS packages. Shortly after, a second X update from Eriksen expanded on the wider spread of infections affecting additional repositories.

Each ENS package supports functions used across wallet interfaces, blockchain applications, and tools that convert human-readable names into machine-readable formats.

Their popularity means that the impact may stretch beyond direct maintainers to downstream developers who rely on them for core operations.

A separate crypto library, crypto-addr-codec, was also identified among the compromised packages. Though unrelated to ENS, it is used in wallet-related processes and carries high weekly traffic, making its contamination another priority area for security reviews.

Growing impact across non-crypto software

The spread is not limited to digital asset tools. Several non-crypto libraries have also been impacted, including packages associated with the workflow automation platform Zapier.

Some of these report weekly downloads well above forty thousand, indicating the malware has reached parts of the JavaScript ecosystem unrelated to blockchain activity.

Additional libraries highlighted in later posts show even higher levels of distribution. One package appeared close to seventy thousand weekly downloads.

Another recorded weekly traffic above one and a half million, reflecting a much wider footprint than early reports suggested.

The rapid expansion has drawn attention from other security teams. Researchers at Wiz stated that they had identified more than twenty-five thousand affected repositories linked to around three hundred and fifty users.

They also noted that one thousand new repositories were being added every thirty minutes in the early stages of the investigation.

This level of growth demonstrates how quickly supply chain contamination can accelerate when packages replicate across dependency networks.

Developers working with NPM have been advised to perform immediate checks, validating environments and scanning for possible exposure.

With dependency chains being interlinked across multiple industries, even teams outside the crypto sector could unknowingly integrate infected packages.

The post Shai Hulud malware hits NPM as crypto libraries face a growing security crisis appeared first on CoinJournal.

Veröffentlicht am

Pi Network price forecast: GCV and the Map of Pi 2.0 drive the narrative

  • Pi Network whale accumulation boosts PI coin despite Bitcoin and Ethereum losses.
  • Map of Pi 2.0 to enable real-world transactions with 140,000+ merchants.
  • Moderators debunk GCV, emphasising utility over speculative hype.

The Pi Network price has captured attention recently as the cryptocurrency steadily outperforms Bitcoin (BTC) and Ethereum (ETH) despite a broader market downturn.

While the wider crypto market struggles, PI coin has shown notable resilience, attracting growing investor interest and a surge in whale accumulation.

This renewed momentum coincides with key ecosystem developments, including the upcoming launch of Map of Pi 2.0 and ongoing discussions surrounding the controversial “Global Consensus Value” (GCV).

Pi Network price eyes breakout as whales step in

Pi Network (PI) has seen its value increase roughly 20% over the past month, in contrast to BTC and ETH, which have fallen 21% and 27%, respectively.

CryptoQuant summary data points to a major whale steadily accumulating PI coin, with purchases totalling over 2.4 million tokens in a single week, bringing the holder’s total stake to approximately 377 million PI, worth an estimated $91 million.

Such concentrated accumulation signals growing confidence in the token, particularly as technical indicators suggest bullish momentum.

The formation of a double-bottom pattern and the breakout from a falling wedge pattern have strengthened the case for a potential upward move toward $0.2920, marking the neckline of the double-bottom.

Market observers also highlight the role of regulatory clarity in bolstering Pi Network’s appeal.

The publication of a white paper advocating adherence to the Markets in Crypto-Assets Regulation (MiCA) positions PI coin favorably for potential European exchange listings.

Rumours about ISO alignment, though unverified, further contribute to investor optimism by suggesting that Pi Network could integrate with established financial standards.

Meanwhile, developers are promoting PI coin as a functional token for real-world applications, especially as it extends utility in artificial intelligence through its partnership with OpenMind.

GCV controversy and Map of Pi 2.0 shape sentiment

The debate over the “Global Consensus Value” has long stirred the Pi community.

Moderators have consistently rejected claims of a fixed, astronomical Pi price, such as the widely circulated figure of $314,159 per token.

These assertions, they argue, are misleading for new users and harmful to merchants attempting to price goods realistically.

By publicly denouncing GCV, the Core Team aims to protect the integrity of the ecosystem, especially during the Enclosed Mainnet phase, and steer attention toward legitimate development milestones.

Amid this backdrop, Map of Pi 2.0 emerges as a central driver of sentiment.

The upgraded platform, featuring over 140,000 verified Pi-accepting merchants and two million users, will introduce full on-chain payments, escrow functionality, multilingual support, and enhanced search tools.

By enabling secure, real-world transactions, Pi 2.0 emphasises practical utility over speculative hype, reinforcing Pi Network’s broader strategy of prioritising functional adoption rather than short-term price fluctuations.

PI price momentum and future outlook

Technical trends and market behaviour suggest that the Pi Network price may continue its upward trajectory if current support and momentum hold.

Momentum indicators, including the Relative Strength Index (RSI) and the MACD, point to increasing buying pressure, while whale accumulation adds a layer of credibility to the bullish thesis.

At the same time, the Pi Network team remains focused on building meaningful infrastructure, including AI-ready nodes and tools for developers, ensuring that utility and adoption remain the guiding principles behind growth.

While market speculation remains inevitable, the combination of whale activity, Map of Pi 2.0, and the debunking of GCV rumours creates a narrative centred on real-world application and investor confidence.

If PI price maintains its current trajectory, it may retest key resistance levels and continue outperforming major cryptocurrencies, offering a compelling case for both long-term users and new entrants interested in tangible use cases.

The post Pi Network price forecast: GCV and the Map of Pi 2.0 drive the narrative appeared first on CoinJournal.

Veröffentlicht am

Zcash price holds key level: can bulls break to $1000 next?

  • Zcash price traded to above $744 in November, reaching the highs on two occasions as privacy coins rallied.
  • While sentiment took a hit as price fell amid profit-taking, the privacy coin’s token remains largely bullish.
  • Bulls may target the $1,000 high.

Zcash dropped to a low of $530 as Bitcoin rebounded to near $87,000 before also paring gains.

The altcoin could revisit support again, but an upbeat market amid whale accumulation means ZEC could target the multi-year highs again in the coming weeks.

However, that optimism could get a serious dent should prices fall below $500.

ZEC falls 8% but bulls fade bears

Zcash’s latest price action tells a tale of fleeting optimism punctuated by relentless bearish momentum.

Recently, ZEC clawed its way up double digits to hit $740 highs and lead the top altcoin gainers.

A lot of the momentum got fuel from institutional whispers of accumulation.

It included aspects such as Cypherpunk Technologies’ recent ZEC treasury addition and VanEck’s projection of the altcoin were seen as a vote of confidence.

Yet, as Bitcoin crashed to lows of 80,000, even ZEC’s uptick proved ephemeral.

On November 24, 2025, ZEC dropped to intraday lows of $530 after plummeting nearly 8%.

Zcash’s intraday high of $608 nonetheless beckons after bulls bounced to $547 as of writing.

Zcash price forecast

Zcash’s trajectory hinges on technical resilience amid bearish headwinds.

The daily chart shows the price remains above the 50-day exponential moving average.

Meanwhile, the Relative Strength Index (RSI) on the timeframe reads 52.30, dipping but not beyond the neutral territory mark.

At current levels, RSI neither screams “buy” nor “oversold,” aligning with the market’s indecision.

Bulls need an upsloping direction above 500, while bears will have eye on movement below the threshold.

Zcash Price
Zcash price chart by TradingView

Despite bears threatening the recent rally, bulls have it all in front of them as they battle to keep the $530 price level.

Here’s what analysis by LunarCrush says about ZEC:

“After pricing moving up more than 1400% in the last three months, Zcash took a break this week with price moving down 20%. Social activity remains extremely strong as the 5th most mentioned coin, ranking right after $XRP and just ahead of $DOGE. $ZEC has shown to be highly correlated to moves in social activity and [social activity] is rising again.

What’s next

A revisit of the $550 zone and a retest of $600 might spell a flip to the current downward vulnerability.

In any case, trading volume falling 38% in the last 24 hours and price bouncing off key levels suggests ZEC is not in panic selling mode yet.

Buyers can seize this opportunity to push ZEC above key psychological levels.

If the privacy narrative strengthens, fresh targets could emerge above $1,000.

Long-term, Zcash’s privacy edge could catalyze further gains, with scarcity favoring bulls.

The post Zcash price holds key level: can bulls break to $1000 next? appeared first on CoinJournal.

Veröffentlicht am

5 reasons for Bitcoin’s selloff according to Deutsche Bank

  • Bitcoin drops 31% as investor belief weakens and risk sentiment fades.
  • Fed uncertainty, regulation stalls, and ETF outflows deepen BTC’s slide.
  • Long-term holders take profits, marking a shift from prior Bitcoin crashes.

Bitcoin has tumbled sharply from its recent record highs, with strategists at Deutsche Bank pointing to a weakening in investor conviction as a key force behind the cryptocurrency’s downturn.

The world’s largest digital asset, which suffered its worst weekly loss since February, continues to face pressure from shifting market conditions, regulatory uncertainty, and profit-taking across both institutional and long-term holders.

Bitcoin edged higher over the weekend but remained down 0.79% at $85,933 at the time of writing.

The cryptocurrency is now 31% below its all-time high of $126,272 reached on Oct. 6.

According to Deutsche Bank strategists Marion Laboure and Camila Siazon, the most significant factor driving the selloff is that “investor belief is crucial for continued gains — and right now the faithful are wavering.”

The strategists revived their “Tinkerbell effect” theory from 2021, which argues that bitcoin’s valuation is driven heavily by sentiment and what investors collectively believe it is worth.

In their view, sentiment-driven selling has re-emerged, shaking confidence in bitcoin’s ability to remain a stable part of diversified portfolios.

They noted that bitcoin’s “portfolio integration is being tested,” adding that the shift could be temporary or persist depending on broader financial conditions.

The bank shared 5 reasons behind the cryptocurrency’s sell-off.

Broader decline in stocks and risk appetite

The first major factor weighing on Bitcoin is a pullback in global risk sentiment.

Deutsche Bank notes that the cryptocurrency continues to behave like a risk asset rather than a safe-haven hedge, despite some investors hoping it would evolve into a defensive store of value.

The broader selloff in equities has spilled into digital assets, reinforcing that Bitcoin’s performance remains tethered to overall market mood.

Uncertainty over the Federal Reserve’s next moves

The second pressure point comes from uncertainty surrounding US monetary policy.

Investors have become less confident that the Federal Reserve will continue easing this year.

This shift has introduced volatility into multiple asset classes, including cryptocurrencies, as traders reassess risk-taking amid the possibility of a more restrictive policy stance.

Deutsche Bank strategists warn that further hesitation or hawkish signals from the Fed could deepen Bitcoin’s decline.

Regulatory momentum has stalled

Regulatory uncertainty is also contributing to the downturn.

According to Laboure and Siazon, momentum behind crypto-related regulatory progress has slowed since the summer.

This stagnation has complicated Bitcoin’s “portfolio integration,” making institutions more cautious about increasing exposure.

The lack of clear, forward-moving regulatory frameworks has left investors in a holding pattern, weakening one of the key drivers of Bitcoin’s mainstream financial adoption story.

Institutional outflows and thinning liquidity

A fourth driver of the selloff is rising institutional outflows.

Deutsche Bank notes that several Bitcoin exchange-traded funds have experienced withdrawals, reducing liquidity across the market.

Thinner liquidity amplifies price declines and increases volatility.

This dynamic marks a significant difference from previous crashes, many of which were predominantly driven by retail traders rather than institutions.

Long-term holders taking profits

Finally, long-term Bitcoin holders — often referred to as the most steadfast participants in the market — have begun taking profits.

This behavior, the strategists say, has not been observed in earlier downturns and underscores the unusual nature of the current correction.

Selling from such investors adds to market pressure and signals that even committed holders are reassessing their positions.

While the strategists say it remains unclear when or whether Bitcoin will stabilize, they emphasize that this year’s pullback is distinct.

Unlike prior crashes fueled by retail speculation, the current slump is unfolding amid a complex mix of institutional activity, shifting macroeconomic conditions, and evolving policy landscapes — leaving the market’s next move uncertain.

The post 5 reasons for Bitcoin’s selloff according to Deutsche Bank appeared first on CoinJournal.

Veröffentlicht am

Solana price recovery cut short as Pump.fun’s $436M USDC outflow spooks investors

  • Pump.fun’s $436M USDC outflow fuels Solana investor caution.
  • Currently, SOL struggles near $121–$123 support amid death cross risks.
  • Technical setups, however, hint at $160 target, but momentum remains weak.

Solana price has struggled to sustain its recent recovery after a volatile week, as concerns over ecosystem stability and broader market pressures weighed on the cryptocurrency.

Despite technical signals that had hinted at a potential rebound, investor caution has surged following a massive USDC outflow from Pump.fun, Solana’s leading meme coin platform.

The unexpected move has cast a shadow over the network’s short-term outlook, challenging bulls and reigniting debate over whether Solana (SOL) can regain momentum in the current market environment.

Pump.fun outflow rattles the market

The spotlight has shifted squarely onto Pump.fun after on-chain data from Lookonchain revealed a substantial transfer of 436.5 million USDC to the Kraken crypto exchange.

This outflow, originating from mid-October, comes amid growing uncertainty over the platform’s financial strategy and public silence.

Notably, investor confidence has visibly waned, with the PUMP token falling more than 22% over the past week, and the USDC movement has been interpreted as a potential cash-out, adding downward pressure on Solana’s broader ecosystem.

Furthermore, the USDC outflow is not an isolated event.

The same Lookonchain report indicates that Pump.fun also offloaded a large portion of Solana (SOL) holdings in recent months, including 3.93 million SOL moved to Kraken and 264,373 SOL sold on-chain.

These actions, combined with declining activity on the platform’s Mayhem Mode, signal reduced engagement, which could translate into lower network fee revenue for Solana and dampened investor sentiment.

The sharp decline in new tokens created under Mayhem Mode, from over 1,400 to fewer than 20 on November 21, according to data from the Dune platform, further illustrates the erosion of user participation.

Mayhem Tokens Created
Source: Dune

This wave of uncertainty arrives as Solana navigates a broader market landscape marked by extreme fear, with the crypto Fear & Greed Index registering 12/100.

On-chain volume data shows that while SOL remains active, liquidity pressures and ecosystem jitters are weighing heavily on the short-term outlook.

Solana price recovery prospects

Earlier, technical analysts had pointed to a potential rebound in Solana’s price.

They noted that SOL reclaimed its 4-hour trend line, signalling momentum recovery ahead of other major assets.

Trader Cobb highlighted a breakout above short-term resistance levels near $143–$145, while GTradeCrypto identified a breakout from a symmetrical triangle and a possible incoming inverse head and shoulders breakout.

This pattern pointed to a measured move toward $160, raising hopes of a more sustained recovery.

But despite these bullish indicators, SOL remains confined within a descending channel that has dictated price action since mid-September.

The formation of a death cross on the daily chart, with the 50-day moving average crossing below the 200-day moving average, has added caution to the technical outlook.

Death cross formation on the Solana daily chart
Solana price analysis | Source: CoinMarketCap

While recent candlesticks display long lower wicks, indicating aggressive buying at support levels between $121–$123, the market has yet to demonstrate sustained momentum.

A close above $144–$146 would be needed to validate early strength, with a breach of $172 signalling a meaningful trend shift.

Meanwhile, the broader technical structure hints at a potential cup-and-handle formation, with the weekly price range between $128–$180 remaining intact.

On-chain volume supporting the network’s activity suggests that underlying demand persists despite near-term volatility.

The post Solana price recovery cut short as Pump.fun’s $436M USDC outflow spooks investors appeared first on CoinJournal.