QorTrace
QORTRACE THREAT RADAR · LIVE

The clock is
already ticking.

A live map of post-quantum and Web3 threats. Every signature you commit today is harvest-now-decrypt-later candy when fault-tolerant quantum arrives. Watch the threat surface — and the countdown — in real time.

Schedule Consult
ESTIMATED Q-DAY · 2028-10-03
816
DAYS
19
HRS
58
MIN
8
SEC
STATE OF THE ART
1,180
physical qubits
Atom Computing · Phoenix
Best logical: 24 q (Microsoft + Quantinuum)
HARVEST · NOW · DECRYPT · LATER
6,695,752,800
ECDSA signatures committed onchain (BTC + ETH)
BTC #957266 · ETH #25,493,053
SEE EXPOSED WALLETS →
WEEKLY THREAT BRIEFING · FREE
Tweet this view · AR
FILTERS · TAP TO TOGGLE LAYERS
NEWS_THEDEFIANTeToro Takes Strategic Stake in Onchain Derivatives Exchange Extended, Plans Zengo Tie-UpNEWS_THEDEFIANTBitMine Adds $73 Million in ETH, Pushing Holdings to 4.8% of SupplyNEWS_THEDEFIANTTether's Former CIO Heathcote Plans to Sell Equity StakeNEWS_THEDEFIANTNEAR Governance Votes to Scrap Developer Gas RebateNEWS_THEDEFIANTEDX Markets Closes $76M Series C Led by SBI HoldingsNEWS_THEHACKERNEWSTop AI Agents Built to Catch Malicious Code Can Be Tricked Into Running ItNEWS_COINDESKXRP holds near $1.10 as traders watch long-term breakout setupNEWS_SECURITYWEEKUnpatched Backdoor in Tenda Firmware Grants Admin Access to DevicesNEWS_COINDESKBitcoin, ether steady, gold slides as US-Iran tensions escalate againNEWS_THEHACKERNEWSGhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding AgentsNEWS_COINTELEGRAPHAI boom fuels inflation fears, complicating Fed’s next rate moveNEWS_THEHACKERNEWSFake 7-Zip Installers Turn Devices Into Residential Proxy NodesNEWS_COINTELEGRAPHCrypto VC Paradigm raises $1.2B to push into AINEWS_COINTELEGRAPHMark Cuban-backed DeFi dashboard Zapper shutters after 7 yearsNEWS_COINTELEGRAPHCrypto could benefit if Fed steps in to backstop US stock market: AnalystsNVDCVE-2026-15137 · CVSS 7.3
FREE PQC SCAN · 1 PER DAY

Paste a wallet or contract address and we'll score its cryptographic exposure on a 0-100 scale. Free, no card, instant.

REGIONAL HOTSPOTS · 14d
NIST PQC STANDARDS
ML-KEM (Kyber)
FIPS 203 · Key Encapsulation
STANDARDISED
2024
ML-DSA (Dilithium)
FIPS 204 · Digital Signature
STANDARDISED
2024
SLH-DSA (SPHINCS+)
FIPS 205 · Hash-based Signature
STANDARDISED
2024
FN-DSA (Falcon)
FIPS 206 · Digital Signature
DRAFT (DIS)
2025
HQC
— · Backup KEM
SELECTED (2025)
2025
THREAT FEED · LAST 14 DAYS
551
vendor
1227
news
239
cve
6
kev
Sources: CISA Known Exploited Vulnerabilities catalog, NIST NVD CVE feed, GitHub Advisory Database, and curated cybersecurity + Web3 RSS feeds. Refreshed hourly.
MOST-TARGETED VENDORS · 30d
github
CVE 3 · GHSA 190
193
wordpress
CVE 40 · GHSA 0
40
microsoft
KEV 1 · CVE 27 · GHSA 7
35
java
CVE 17 · GHSA 14
31
python
CVE 16 · GHSA 14
30
linux
KEV 1 · CVE 8 · GHSA 10
19
joomla
KEV 2 · CVE 14 · GHSA 0
16
ibm
CVE 14 · GHSA 0
14
QUANTUM RACE · LEADERBOARD
IBM
Condor
1,121q
Atom Computing◉ SOTA
Phoenix
1,180q
USTC
Zuchongzhi 3.0
504q
Quantinuum
H2
56q
Google
Willow
105q
Microsoft + Quantinuum
Topological + ion-trap
56q
IonQ
Forte
64q
Rigetti
Ankaa-3
84q
PQC COMPLIANCE COUNTDOWN
DORA · Digital Operational Resilience Act
538d ago
2025-01-17 · EU
EU financial-sector firms must demonstrate operational resilience (incl. ICT third-party risk) — including cryptographic posture.
CNSA 2.0 · Software/Firmware
190d ago
2025-12-31 · US-NSA
NSA target for new National Security Systems software & firmware to start adopting CNSA 2.0 (Kyber, Dilithium, SHA-2) algorithms.
BSI TR-02102-1 · Crypto Recommendation Refresh
9d ago
2026-06-30 · DE-BSI
Annual BSI cryptographic-recommendation refresh — flagged deadline for hybrid (classical + PQC) roll-out in regulated DE.
CNSA 2.0 · Networking & VPN
540d
2027-12-31 · US-NSA
Networking, VPN, and key-management products on NSS networks should fully support CNSA 2.0 algorithms.
NIST SP 800-131A · Disallow RSA-2048 / ECDSA P-256
1636d
2030-12-31 · US-NIST
NIST recommended sunset for classical public-key crypto in federal systems — full PQC migration target.
CNSA 2.0 · Full PQC Adoption
2732d
2033-12-31 · US-NSA
All NSS systems must be using CNSA 2.0 PQC algorithms exclusively.
COMMUNITY PULSE · CURATED
@CISAgov
Reminder: NSA's CNSA 2.0 timeline is in effect. New software for NSS should now be adopting Kyber, Dilithium, and SHA-2.
@NIST
FIPS 203 (ML-KEM), 204 (ML-DSA) and 205 (SLH-DSA) are now the standards. Migration windows are short for high-value targets.
@matthew_d_green
Harvest-now-decrypt-later isn't a scenario, it's an active intelligence program. The ECDSA signatures you commit today are tomorrow's plaintext.
@hashedout
Bitcoin's quantum exposure isn't a 2040 problem. ~25% of circulating supply sits in P2PKH addresses with exposed pubkeys. Q-Day day-one targets.
@SchneierBlog
If your security architecture cannot survive the public release of CRYSTALS-Kyber breaks, you needed PQC yesterday.
@a16zcrypto
Wallet providers shipping PQC migration paths in 2026 will own the institutional custody narrative for the next decade.
LATEST ADVISORIES
NEWS_THEDEFIANT · INFO
eToro Takes Strategic Stake in Onchain Derivatives Exchange Extended, Plans Zengo Tie-Up
eToro has become a strategic investor in Extended, an onchain perpetual futures exchange, and said the round begins a partnership with Zengo, the self-custody wallet eToro acquired earlier this year. Neither company disclosed the investment size.
NEWS_THEDEFIANT · INFO
BitMine Adds $73 Million in ETH, Pushing Holdings to 4.8% of Supply
BitMine Immersion Technologies (NYSE: BMNR), the Ethereum treasury company chaired by Fundstrat's Tom Lee, bought 42,197 ETH worth roughly $73 million over the past week, according to the company's own holdings update posted Monday. The purchase lifts BitMine's total to 5,742,237 ETH, about 4.8% of…
NEWS_THEDEFIANT · INFO
Tether's Former CIO Heathcote Plans to Sell Equity Stake
Richard Heathcote, who until earlier this year served as Tether Holdings SA's chief investment officer, is planning to sell a small stake in the stablecoin issuer, Bloomberg reported Monday, citing people familiar with the matter. Heathcote is working with investment bank PJT Partners to sell part…
NEWS_THEDEFIANT · INFO
NEAR Governance Votes to Scrap Developer Gas Rebate
NEAR's on-chain governance body, House of Stake, passed proposal HSP-027 to eliminate the protocol's developer gas rebate, a change that will send all network gas fees to be burned rather than partly rebated to smart-contract owners. NEAR co-founder Illia Polosukhin confirmed the outcome Monday,…
NEWS_THEDEFIANT · INFO
EDX Markets Closes $76M Series C Led by SBI Holdings
EDX Markets, an institutional-only crypto trading venue with its own central clearinghouse, closed a $76 million Series C funding round led by SBI Holdings, the firm said in a press release. The Tokyo-listed financial group becomes a strategic investor in the U.S. exchange. The capital will fund…
NEWS_THEHACKERNEWS · INFO
Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It
Ask an AI coding agent to scan open-source code for security holes, and it might run the attacker's code on your own machine instead. That is the finding in a proof-of-concept published Wednesday by the AI Now Institute, an attack it calls "Friendly Fire." It works against Anthropic's Clau
NEWS_COINDESK · INFO
XRP holds near $1.10 as traders watch long-term breakout setup
XRP defended the $1.00-$1.05 support zone, but the near-term chart remains capped below resistance as analysts track larger wedge and channel patterns.
NEWS_SECURITYWEEK · INFO
Unpatched Backdoor in Tenda Firmware Grants Admin Access to Devices
Tracked as CVE-2026-11405, the vulnerability allows unauthenticated attackers to access a device's web management interface. The post Unpatched Backdoor in Tenda Firmware Grants Admin Access to Devices appeared first on SecurityWeek .
NEWS_COINDESK · INFO
Bitcoin, ether steady, gold slides as US-Iran tensions escalate again
Oil climbed for a third day and gold fell for a fourth while bitcoin is up 1.6% on the week.
NEWS_THEHACKERNEWS · INFO
GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents
Researchers at Wiz found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer's computer. The assistant asks permission to edit one harmless-looking file, but the write lands on a sensitive one instead. The affected tools are
NEWS_COINTELEGRAPH · INFO
AI boom fuels inflation fears, complicating Fed’s next rate move
Ongoing strong demand for AI infrastructure “would likely sustain upward pressure on prices for technology products and electricity,” Federal Reserve policymakers said.
NEWS_THEHACKERNEWS · INFO
Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230 lookalike domains. The activity dates back to at least August 2022, according to DN
NEWS_COINTELEGRAPH · INFO
Crypto VC Paradigm raises $1.2B to push into AI
Crypto venture firm Paradigm is widening its investment gaze toward AI and other frontier industries with its latest fund.
NEWS_COINTELEGRAPH · INFO
Mark Cuban-backed DeFi dashboard Zapper shutters after 7 years
Zapper provided crypto market data to over 2 million monthly active users and oversaw more than $13 billion in processed transactions during its peak.
NEWS_COINTELEGRAPH · INFO
Crypto could benefit if Fed steps in to backstop US stock market: Analysts
The size and scope of the US stock market “gives policymakers a strong incentive to backstop major drawdowns,” said Bitget Wallet COO, Alvin Kan.
NVD · HIGH
CVE-2026-15137 · CVSS 7.3
A weakness has been identified in code-projects Interview Management System 1.0. This vulnerability affects unknown code of the file \inc\classes\View.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been made available to the publ
NVD · HIGH
CVE-2026-15135 · CVSS 7.3
A security flaw has been discovered in code-projects Online Food Order System 1.0. This affects an unknown part of the file /edit_food_items.php. The manipulation of the argument update results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publi
NVD · HIGH
CVE-2026-15134 · CVSS 7.3
A vulnerability was determined in CodeAstro Simple Online Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /SimpleOnlineLeave/index.php. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from remot
NEWS_DECRYPT · INFO
The New Grok 4.5 Is Out. Elon Musk Says It Competes With Last Year's Claude Opus
SpaceXAI's new coding model is cheaper and faster than Anthropic and OpenAI's flagships—and by Musk's own account, at least one generation behind them.
NEWS_COINTELEGRAPH · INFO
Bitcoin tumbles back to key $60K support level: What’s behind the sell pressure?
Bitcoin faces renewed sell pressure amid an oil price surge, Japan economic contagion risks and a fresh round of selling from Strategy.
NEWS_DARKREADING · INFO
Mexico's New Cyber Plan Faces Its First Real Test
The Latin American nation's cybersecurity plan — still in the expansion phase — has to survive its own knockout round during the FIFA World Cup.
NEWS_BITCOINMAG · INFO
Bitcoin Slips to $62,000, Paring Rebound as CryptoQuant Sees Room Higher
Bitcoin Magazine Bitcoin Slips to $62,000, Paring Rebound as CryptoQuant Sees Room Higher Bitcoin slipped to around $62,000 after rebounding from last week's $57,700 low, while CryptoQuant says improving demand, seasonality and valuation support further gains, though its bearish Bull Score Index sug
NVD · HIGH
CVE-2026-60105 · CVSS 8.6
Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in the fetchRemoteFile action caused by an incomplete IP blocklist check in the isBlockedIP() function, which fails to detect embedded IPv4 addresses within IPv4-mapped IPv6 addresses. An unauthenticated attacker can obtai
NVD · HIGH
CVE-2026-58525 · CVSS 8.2
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
GHSA · HIGH
GHSA · pip/serena-agent · CVE-2026-49471
Serena: Unauthenticated Flask dashboard on fixed port enables DNS rebinding → memory poisoning → RCE
GHSA · HIGH
GHSA · maven/nl.nl-portal:taak · CVE-2026-49464
NL Portal: IDOR allows any authenticated user to complete and tamper with another user's taak
GHSA · MEDIUM
GHSA · maven/nl.nl-portal:documenten-api · CVE-2026-49463
NL Portal: Missing per-user authorization on document and decision GraphQL queries in nl-portal-backend-libraries
NEWS_DECRYPT · INFO
Paradigm Raises $1.2 Billion Fund as Crypto VC Pushes Further Into AI
The investment firm said its fourth fund will back AI, robotics, and crypto startups as it broadens beyond digital assets.
NEWS_DARKREADING · INFO
Lone Attacker Uses AI to Breach AWS Cloud Environment in 72 Hours
The attacker exploited AI workflows, chained cloud weaknesses, and stolen credentials to extort a large Amazon customer.
GHSA · LOW
GHSA · npm/waku · CVE-2026-49456
Waku has an Open Redirect via `unstable_redirect` Helper

Don't wait for Q-Day.

QorTrace audits smart contracts, scans wallets for cryptographic exposure, and certifies post-quantum readiness. The strongest hands move first.

Get auditedSee pricing