Global markets were mixed on friday as the Dow Jones (+0.13%) edged higher, while the S&P 500 (-0.01%) and Nasdaq (-0.32%) slipped. US inflation eased to 2.1% in April, below expectations, and German inflation also cooled to 2.1% in May. President Trump accused China of violating trade agreements and announced plans to double steel and aluminum tariffs to 50%, escalating global trade tensions. Meanwhile, the US trade court ruled Trump's global tariffs illegal, but an appeals court granted a temporary reprieve. Investors remain cautious amid ongoing trade uncertainty and concerns over the US fiscal path, with JPMorgan Chase's Dimon warning the bond market will "crack" under pressure from rising debt.

  • In crypto, the global crypto market cap decreased 2.4% over the week end to $3.27tn. The total crypto market 24h is currently at $90bn compared to the $138bn on friday morning.
  • In the past 24 hours, crypto liquidations increased 19% and totaled $156.15m, with 53% of them long positions. BTC positions made up more than 25% of all liquidated positions. 
source: Coinglass
  • US spot Bitcoin ETFs saw significant net outflows of $616.22 million on May 30, the worst daily pullback since February 26, and marking a second consecutive day of redemptions following Wednesday’s $358.65 million outflow. This sharp reversal comes after a strong run of inflows since mid-April, which had pushed cumulative net inflows to a peak of $45.34 billion before dropping back to $44.37 billion. BlackRock’s IBIT led the outflows with $430.82 million leaving the fund, its largest single-day outflow on record. Ark’s ARKB and Bitwise’s BITB also saw notable redemptions of $120.14 million and $35.33 million, respectively. Only Invesco’s BTCO and Hashdex’s DEFI held flat, with no issuer posting net inflows. Trading activity remained healthy, with $3.39 billion in daily volume, while total AUM slipped to $126.15 billion, down over $8 billion from the recent high on May 22. The abrupt swing suggests short-term positioning and macro headwinds may be driving a cautious rotation out of crypto exposure as June approaches.
  • Ethereum ETFs extended their inflow streak on Thursday, bringing in $70.24 million in net new capital, marking 10 consecutive sessions of positive flows and lifting cumulative net inflows to $3.05 billion. BlackRock’s ETHA led all issuers with a standout $70.24 million—the only ETF to report any inflow—while every other fund held flat. The sustained demand comes despite Ethereum’s sharp pullback, with ETF prices down around -3% across the board. Trading volumes remained healthy at $485.79 million, and total assets under management edged down to $9.45 billion, largely reflecting the price decline. With ETH spot ETFs now attracting over $550 million in the last five days alone, flows appear resilient even amid volatility, reinforcing growing institutional conviction in Ethereum exposure.
upload in progress, 0
US BTC ETF Flows - source: SoSoValue
US ETH ETF Flows - source: SoSoValue
  • The Open Network (TON) experienced an outage due to an error in the masterchain dispatch queue, which has since been resolved according to representatives for the network.
  • The Sui community has voted to return $162 million in frozen funds after the Cetus exploit, reigniting the debate over decentralization in the DeFi space and raising questions about the balance between user protection and decentralized governance.
  • South Korea's leading presidential candidates have pledged to legalize spot crypto ETFs, ease current regulations, and introduce a won-backed stablecoin, aiming to create a more favorable environment for the cryptocurrency industry in the country.
  • According to a May 31 announcement from the Paris public prosecutor’s office, French prosecutors have charged 25 people, including six minors, in connection with a wave of crypto-related kidnappings, but the masterminds behind these crimes remain at large, indicating an ongoing and complex investigation.
    Meanwhile, crypto executives and investors are turning to kidnap and ransom insurance as a means of protecting themselves against the rising threat of violent attacks and extortion targeting their cryptocurrency wealth.
  • Czech Justice Minister Pavel Blazek resigned after facing intense backlash for his ministry's handling and sale of bitcoins donated by a criminal convicted of drug trafficking, prompting his departure from the position.
  • Wintermute has created a code to warn users about malicious code in Ethereum delegate contracts, protecting them from a new tactic that could drain their wallets by exploiting vulnerabilities in these contracts.
  • A new BitMEX security report described evolving tactics used by the notorious North Korean hacking syndicate, Lazarus Group, revealing how the attackers are blending old-school phishing with modern infrastructure like GitHub and Supabase — and making critical mistakes along the way.
    The campaign, uncovered in May, began with a familiar lure: a LinkedIn message offering a “Web3 collaboration” to a BitMEX employee. When the attacker shared access to a private GitHub repo containing a Next.js/React project, the employee flagged it to BitMEX’s security team — recognizing the setup as a potential Lazarus play. Upon inspection, the project included malicious JavaScript code meant to run once the victim launched the app locally.
    One piece of this code used eval() — a red-flag JavaScript function that executes server-provided code — to fetch instructions from suspicious domains like fashdefi.store. Another eval call pointed to regioncheck.net, a domain previously tied to Lazarus by Palo Alto Networks’ Unit 42.
    After manually triggering the payload and deobfuscating the code using the tool webcrack, BitMEX researchers found that the malware was likely part of the “BeaverTail” credential-stealing family. The script attempted to harvest browser extension data and other local information from infected machines.
    But the real surprise came when analysts traced the malware’s data logging system — a public-facing Supabase database. Supabase, an open-source Firebase alternative, was misconfigured by the attackers, allowing anyone to query its data without authentication. BitMEX discovered 37 exposed infection logs at first — a number that grew to 856 unique entries over several weeks of automated monitoring.
    Among the leaked data: usernames, hostnames, geolocations, and IP addresses. Most of the IPs traced back to VPN services like Touch VPN and Astrill — typical OPSEC tools. But one slip stood out. The user “Victor” once connected from a residential China Mobile IP in Jiaxing, China — a possible glimpse into the attacker’s true location, breaking the group’s usual anonymity.
    The report also uncovered repeated use of the same usernames and device names, hinting at internal reuse and lack of proper compartmentalization within the group’s infrastructure. Daily activity logs revealed predictable work patterns, with a notable daily downtime aligning with evening hours in Pyongyang, reinforcing assumptions about the attackers’ North Korean origin.
  • The International Monetary Fund is questioning Pakistan's plan to allocate 2,000 megawatts of electricity for bitcoin mining due to the country's existing energy shortages and ongoing budget talks.
  • Adam Hollander informed Cointelegraph that the number of weekly unique collectors on OpenSea has seen a 40% increase since January, indicating substantial growth in user engagement on the platform.
  • Thailand's Securities and Exchange Commission has ordered the nationwide blockage of cryptocurrency exchanges Bybit, 1000x, Coinex, OKX, and XT.com due to their unlicensed operation and concerns over potential money laundering activities.
  • Sui validators voted to return $162 million in frozen assets from the Cetus exploit, enabling a full recovery and restart plan for impacted users to access their assets again and restore trust in the platform.
  • The Securities and Exchange Commission has ruled that protocol staking is not a securities transaction, marking a significant win for crypto regulation and potentially paving the way for approval of ETFs that utilize staking.
  • Deepseek's latest AI model recognizes Xinjiang camps as human rights violations while censoring direct criticism of China, prompting concerns over the model's contradictions and potential for increased censorship.
  • An OSINT platform called Lolarchiver offers AI-powered tools that can rapidly profile YouTube commenters based on their activity, raising major privacy and legal concerns due to its potential to expose personal information and online behaviors.
  • MEXC's chief operating officer, Tracy Jin, stated that a recent fraud incident was primarily caused by social engineering scams that targeted new and uneducated users of the cryptocurrency exchange.
  • Sharplink Gaming plans to use the majority of the proceeds from its proposed share sale to purchase Ether, as disclosed in a recent Securities and Exchange Commission filing, indicating a strategic investment in cryptocurrency.