Today in crypto, Gemini has secured Nasdaq as an investor in its $317 million initial public offering (IPO), with Nasdaq purchasing $50 million in shares as part of a strategic partnership, Sky is the latest bidder wanting to help build Hyp…
Today in crypto, Gemini has secured Nasdaq as an investor in its $317 million initial public offering (IPO), with Nasdaq purchasing $50 million in shares as part of a strategic partnership, Sky is the latest bidder wanting to help build Hyperliquid’s stablecoin, and hackers with malware designed to steal crypto hit core JavaScript libraries in what’s been called the largest supply chain attack ever.
Nasdaq seeks access to Gemini’s crypto services via investment: Report
US stock exchange giant Nasdaq has reportedly formed a strategic partnership with Winklevoss-founded crypto exchange Gemini to gain access to its custody and staking services.
Gemini has secured Nasdaq as a strategic investor as the company moves forward with its initial public offering (IPO) debut on the stock exchange, Reuters reported on Tuesday, citing sources familiar with the matter.
The crypto exchange expects to raise up to $317 million through the IPO and has arranged for Nasdaq to purchase $50 million in shares via a private placement concurrent with the offering, the sources said.
The investment is part of a strategic partnership that would enable Nasdaq to integrate Gemini’s custody and staking, while Gemini’s institutional clients would have access to Nasdaq’s Calypso platform to manage and track trading collateral.
The strategic partnership plans are subject to market conditions and possible changes, as mentioned by the sources.
The report came shortly after Nasdaq announced a major move into tokenized securities, or blockchain-based versions of traditional stocks, on Monday.
Sky joins bidding war to launch Hyperliquid’s USDH stablecoin
Crypto protocol Sky, formerly Maker, became the fifth major crypto project on Monday to bid on helping the decentralized exchange Hyperliquid launch and issue a stablecoin called USDH, for which it first solicited bids on Friday.
Sky co-founder Rune Christensen made a wide-ranging proposal promising a 4.85% return on all USDH, that it would be “natively multichain” via LayerZero, and that the community could customize it so it could comply with US laws banning stablecoin issuers from offering yield, among other things.
Sky’s proposal is the fifth similar bid for the stablecoin from a major crypto project after Hyperliquid posted to its Discord on Friday that it wanted pitches from “teams interested in deploying a Hyperliquid-first, native stablecoin with the ticker USDH.”
Other bidders have included stablecoin protocol Frax, stablecoin issuer Paxos, crypto infrastructure firm Agora and Native Markets, a new venture set up by Hyperliquid advocate Max Fiege with the sole goal of winning the project.
Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries
Hackers have compromised widely used JavaScript software libraries in what’s being called the largest supply chain attack in history. The injected malware is reportedly designed to steal crypto by swapping wallet addresses and intercepting transactions.
According to several reports on Monday, hackers broke into the node package manager (NPM) account of a well-known developer and secretly added malware to popular JavaScript libraries used by millions of apps.
The malicious code swaps or hijacks crypto wallet addresses, potentially putting many projects at risk.
“There’s a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised," Ledger Chief Technology Officer Charles Guillemet warned on Monday. “The affected packages have already been downloaded over 1 billion times, meaning the entire JavaScript ecosystem may be at risk.”
According to a X post by DefiLlama founder Oxngmi, the malicious code doesn’t automatically drain wallets — users would still have to approve a bad transaction.
Since the hacked JavaScript package can alter what happens when you click a button, hitting the “swap” button on an affected site could swap out the transaction details and send funds to the hacker instead.
He added that only projects that updated after the compromised package was published are at risk, and many developers “pin” their dependencies so they keep using older, safe versions.
Still, because users can’t easily tell which sites were updated safely, it’s best to avoid using crypto websites until the affected packages are cleaned up.
