Malicious versions of Axios, a widely used JavaScript package on npm, were published with a hidden dependency that could expose apps—including crypto projects—to a supply-chain attack. Socket Security said the poisoned releases could be pulled automatically by projects using caret version ranges, and noted Axios has roughly 100 million weekly downloads. Developers were advised to check for axios@1.14.1, axios@0.30.4, and plain-crypto-js@4.2.1 and roll back if found.

Nium said it launched a stablecoin-funded card issuance platform on March 30, 2026, letting businesses issue cards on both Visa and Mastercard via a single integration. The company said stablecoin balances can be converted into fiat at the point of sale across hundreds of millions of merchant locations, with compliant issuance supported across 190 countries.

KB Kookmin Card said Tuesday it will work with Avalanche to develop a hybrid stablecoin payment model designed for use with existing credit cards. The company plans to build the system on a public blockchain and, with OpenAsset, cover top-ups, payments, and settlement, while prioritizing wallet stablecoin balances before charging any remainder to credit.

1inch Business said on March 30, 2026 that it expanded its Model Context Protocol (MCP) so autonomous AI agents can directly use DeFi infrastructure to execute swaps and manage onchain portfolios in real time. The update lets developers build goal-driven workflows that plan and route trades across the 1inch network via the Swap API, with access to 15 APIs including Portfolio and Gas Price tools. Developers can enforce controls such as slippage limits, allowed token pairs, and signing methods to keep automated execution within defined rules.

Coinfello launched March 30 at EthCC in Cannes, positioning itself as a self-sovereign AI agent platform built to automate on-chain actions while users keep custody of wallets and private keys. The web app uses delegated, user-defined permissions, human-readable transaction reviews, and smart accounts for automation, and it integrates with Metamask and other EVM wallets. Company executives say the product is aimed at retail users and developers now, with expectations for institutional adoption later.

Ripple Prime has expanded its Hyperliquid integration to support on-chain perpetual contracts for traditional commodities, enabling institutions to trade gold, silver, and oil-linked derivatives on-chain. The update adds support for "HIP-3 symbols" and follows Ripple Prime's initial Hyperliquid integration in February 2026.

AgentCypher has launched Joker King, an autonomous AI-agent card battle game on Neo X with a US $25,000 seasonal prize pool paid out across multiple cycles. The first cycle runs from March 26 to April 3 and includes a US $5,000 pool, while matches are settled on-chain via smart contracts without human involvement during gameplay.

US authorities unsealed an indictment accusing Maryland resident Jonathan Spalletta of hacking Uranium Finance in April 2021 and stealing more than $54 million across two exploits. Prosecutors allege some of the funds were later used to buy collectibles such as Pokémon cards, antique Roman coins and fabric from the Wright brothers' plane, and say he faces charges that carry up to 30 years in prison.