Bitcoin bulls fell $515 short of their $80,000 target after BTC (BTC) topped out at $79,485 on Monday, but a potential upside is that the brief pullback provides a necessary retest of key underlying levels. 

In technical analysis, a break of structure is generally followed by a support-resistance retest as swing traders take profits at preset levels that align with metrics such as the Fibonacci retracement, exponential moving averages, Bollinger Bands, order book structure, and more. The support-resistance flip is also a feature traders look for to confirm that a longer-term resistance (in this case) has turned into support. When confirmed, it gives some traders the confidence to open new positions at the S/R level as they believe the break of structure and retest marks either the completion or the start of a trend reversal. 

After managing the first decisive breakout from the three-month-old channel, Bitcoin retested the channel resistance (at $76,688) that had pinned down every BTC rally since Feb. 8. A deeper retest could see the price drop to the 20-day moving average at $75,250, and then confirmation of the S/R flip would entail daily candle closes above the former trendline resistance. 

BTC/USDT 1-day chart. Source: TradingView

Outside of the naked price action from the candlestick chart, the long-to-short delta (heatmap below) shows longs currently with the advantage, with a -$38.6 million delta, and the figure widens to -$153 million if BTC rises to $77,500. 

BTC/USD long-short delta. Source: Hyblock

Essentially, the SR flip from the Monday US morning session liquidated long positions down to $76,500, potentially confirming the trendline resistance as support. As the price rebounds, the chart shows shorts having significantly more leveraged exposure at risk.

Related: Bitcoin shorts create $1.4B liquidation risk: Is a price squeeze to $80K next?

Bulls may succeed in pushing the price through the most immediate overhead shorts and returning BTC to its range highs below $80,000, but the aggregate orderbook set at 2.5% to 5% shows a wall of asks stacked from $79,700 to $80,000. This suggests that clearing the $80,000 level could remain a challenge in the short-term.

BTC/USDT orderbook bids and asks. Source: TRDR.io

This article is produced in accordance with Cointelegraph’s Editorial Policy and is intended for informational purposes only. It does not constitute investment advice or recommendations. All investments and trades carry risk; readers are encouraged to conduct independent research.

Robinhood users are confronting a new phishing campaign that rides on Gmail’s native dot alias feature and weaknesses in the platform’s account-creation flow. The emails, which appear to originate from Robinhood’s mail server, warn of an unrecognized device login and direct recipients to malicious sites via a deceptive call-to-action button.

Early reports on social media show users receiving messages that look like legitimate Robinhood alerts. The attackers exploit Gmail’s dot-insensitivity to register nearly identical-looking accounts, then leverage a flaw in Robinhood’s onboarding flow to inject forged content into the automated emails. The result is an email that can slip past common defenses and prompt a user to click through to a phishing page.

Key takeaways

• The attack leverages Gmail’s dot alias behavior to route phishing emails to a target’s inbox by creating Robinhood-style accounts that differ only by a dot in the address.
• Fraudsters embed HTML instructions in the optional “device name” field during Robinhood’s account creation, which Gmail treats as formatting, enabling a seemingly legitimate email with a malicious phishing link.
• The forged message can pass standard email authentication (SPF, DKIM, DMARC), making the email appear trustworthy and increasing the likelihood of a click on the phishing button.
• Victims are at risk mainly if they enter credentials on the fake site; the mere visit does not grant access, but credential input can lead to account compromise.
• Robinhood confirmed that the incident involved abuse of the account creation flow, not a breach of its systems or customer accounts, and no personal data or funds were reported as impacted.

The exploitation mechanics

Experts describe a two-pronged method that underpins the campaign. First, scammers create Robinhood accounts using email addresses that differ only by the presence or absence of a dot in Gmail’s address handling, such as “jane.smith@gmail.com” versus “janesmith@gmail.com.” In the eyes of Robinhood, these are distinct accounts, but Gmail routes mail to the same inbox, enabling fraudsters to seed legitimate-looking communications under a target’s actual address.

Second, attackers exploit the account-creation flow by injecting HTML into the optional “device name” field. Gmail interprets field content as formatting, allowing a phony email to contain a credible header and a convincing call to action. The crafted email can pass SPF, DKIM, and DMARC checks, making it appear as though it truly originates from noreply@robinhood.com. When a recipient clicks the phishing button, they are taken to a counterfeit login page designed to harvest credentials.

Robinhood’s response and user guidance

Robinhood’s official stance was communicated through its support account on X, which acknowledged that some users received a falsified email from “noreply@robinhood.com” with the subject line “Your recent login to Robinhood.” The company attributed the issue to an abuse of the account-creation flow and stressed that there was no breach of Robinhood’s systems or customer accounts, and that personal information and funds were not impacted.

“This phishing attempt was made possible by an abuse of the account creation flow. It was not a breach of our systems or customer accounts, and personal information and funds were not impacted. If you received this email, please delete it and do not click any suspicious links. If you have clicked a suspicious link or have any questions about your account, please contact us directly within the Robinhood app or website.”

Security researchers emphasize prudence: users should avoid clicking unfamiliar links, delete suspicious messages, and contact official Robinhood channels for account questions. The episode also underscores the need for vigilance around onboarding flows and the resilience of email authentication measures, which attackers now appear capable of circumventing in targeted contexts.

Industry context and what’s next

The phishing wave hitting Robinhood arrives amid a broader trend in crypto-security risk. Hacken, a blockchain security firm, reported earlier this month that phishing and social engineering dominated crypto attacks in the first quarter of 2026, accounting for about $306 million in losses. The finding highlights a persistent vulnerability vector in the crypto ecosystem, where attackers increasingly blend social manipulation with technical exploits to bypass conventional safeguards.

For investors, traders, and builders, the episode reinforces several practical considerations. Platforms must tighten onboarding checks to prevent impersonation through dot aliases or other address-equivalence tricks, while improving email authentication and leveraging behavioral signals to distinguish genuine messages from forged ones. Users should practice heightened skepticism with any alert that requests action within a financial app, especially when a message prompts credential input or redirects to a login page. Enabling two-factor authentication, staying within official apps or websites for sign-in, and cross-checking any unusual activity with direct support channels become critical defensive habits in this environment.

Looking ahead, observers will be watching how Robinhood and other platforms shore up their onboarding processes and email security controls. Investigators will also assess whether additional victims were targeted and whether similar dot-alias techniques are leveraged in other services. For now, the incident serves as a pointed reminder that even well-known fintech apps remain vulnerable to technically simple yet highly effective social engineering plays when combined with misconfigurations in onboarding flows.

Readers should watch for updates from Robinhood on account-flow protections and for guidance from security researchers on mitigations that can be deployed both by platforms and by users to reduce exposure to this evolving tactic.

XRP finally gave way at $1.40, and the way it broke matters more than the move itself. This wasn’t a slow drift lower. It was a high-volume push that cleared a level buyers had defended for weeks. Once that kind of support goes, it usually doesn’t snap back quickly. It tends to flip, and that’s exactly the test now.

News Background

• Bitcoin dominance pushed toward 60%, reinforcing a rotation out of altcoins and limiting follow-through demand for XRP.

• The multi-month triangle structure that had been compressing price finally resolved, with the move breaking lower instead of triggering the expected upside expansion.

Price Action Summary

• XRP dropped from $1.44 to $1.39, breaking cleanly through the $1.40 support zone.
• The move was driven by a sharp spike in participation, not thin liquidity.
• Price is now stabilizing just below the breakdown level, trading in a tight $1.39–$1.40 range.

Technical Analysis

• The key shift is structural. $1.40 was support, now it’s resistance unless reclaimed quickly.
• Volume expanding into the breakdown confirms real selling pressure, not just positioning noise.
• The triangle pattern that held price for weeks has resolved lower, removing the compression support.
• Short-term bounces are showing up, but they’re reactive, not strong enough to reverse the move yet.

What traders should watch

• $1.40 is now the pivot. Reclaim it with volume, and the breakdown starts to look like a fakeout.
• $1.37 is the next downside level. Losing that opens the path toward deeper support near $1.31.
• If price keeps holding below $1.40, sellers stay in control and rallies are likely to get sold.

Canada has advanced a bill to block cryptocurrency donations in federal elections, pushing tighter controls on how political funding is handled.

According to Canada’s House of Commons, Bill C-25, known as the Strong and Free Elections Act, cleared its second reading on Friday, allowing lawmakers to move the proposal to committee for detailed review and possible amendments.

Tabled on March 26, the bill would bar political parties and candidates from accepting crypto contributions, with regulators identifying digital assets as a gap in existing campaign finance rules. Lawmakers backing the measure have linked the restriction to concerns around verifying the source of funds and enforcing contribution limits under current law.

No timeline has been set for the committee stage, leaving the pace of further progress dependent on parliamentary scheduling.

The decision to restrict crypto in elections is unfolding alongside efforts to define how digital assets fit within the financial system. Regulators have been working on stablecoin oversight frameworks that would expand the role of the central bank while refining rules for custody, investment funds, and storage practices.

Policy direction has taken shape under Prime Minister Mark Carney, who has previously expressed skepticism toward cryptocurrencies. Despite that, Canadian authorities have continued to build a structured regulatory approach, separating financial system integration from political use cases where tighter limits are now being proposed.

Crypto donations face growing scrutiny across democracies

Debate around crypto-linked political funding has intensified beyond Canada, with similar concerns raised in other jurisdictions. In the United Kingdom, the Joint Committee on the National Security Strategy warned in its March 18 report that cryptocurrency donations pose risks to transparency and national security due to difficulties in tracing their origin.

The UK committee called for an immediate halt to such donations until clearer rules are introduced, citing the possibility of foreign actors attempting to influence political outcomes. Lawmakers also proposed stricter disclosure thresholds and stronger penalties tied to foreign funding violations.

Republican US Senator Thom Tillis said he won’t support the Senate’s crypto market structure bill unless it includes ethics provisions limiting how White House officials can use crypto.

“There has to be ethics language in the bill before it leaves the Senate, or I’ll go from one of the people working on negotiating it to voting against it,” Tillis told Politico on Monday.

Democratic Senator Ruben Gallego said that there is “no final bill — there is no final movement — unless there is a bipartisan agreement when it comes to the ethics provision.”

Tillis, who is retiring early next year, is a senior member of the Senate Banking Committee, which is key to advancing the Senate bill. The House passed a version of it, called the CLARITY Act, in July.

Thom Tillis, pictured at a meeting in 2024, says he won’t support a crypto bill without an ethics provision. Source: City of Greenville, North Carolina

The bill carves up crypto regulation between the Commodity Futures Trading Commission and the Securities and Exchange Commission and has been plagued by delays as lawmakers and lobbyists seek to add provisions on ethics and stablecoin yield payments.

Democratic lawmakers have heavily criticized the Trump family’s expanding crypto businesses and have sought to use the bill to crack down on a perceived conflict of interest.

Related: Canada advances bill to ban crypto political donations

Now, lawmakers are reportedly saying talks on the ethics provisions are moving forward, but it’s not clear what the language will be.

“We’re making progress,” Democratic Senator Adam Schiff told Politico. “We have been talking for a long time without making much progress, and now that other parts of the bill are starting to come together, we’re narrowing our differences.”

Schiff said earlier this year that Democrats want “a ban on sponsoring, endorsing or issuing digital assets that applies to all federal employees,” including the president, who has backed a memecoin and non-fungible tokens bearing his name and likeness.

Magazine: Will the CLARITY Act be good — or bad — for DeFi?

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Solana validator clients Anza and Firedancer have introduced a test version of Falcon, a post-quantum signature solution built to prepare the network for future quantum risks.

The update comes as blockchain developers assess how quantum computers may affect public-key cryptography. Falcon aims to give Solana a ready option if stronger quantum protection becomes needed.

Anza and Firedancer said Falcon was designed for high-throughput blockchain use. The teams said it can be activated “if and when the time comes,” referring to the possible point when quantum computers can break current encryption systems.

Jump Crypto, the team behind Firedancer, said Falcon-512 offers the smallest signature among post-quantum signature standards selected by the U.S. National Institute of Standards and Technology. Smaller signatures may help Solana protect speed, bandwidth, and storage efficiency.

Jump Crypto says performance should remain stable

The teams said the migration process would be manageable and fast when required. They also said network performance should not face a major change from the shift.

“The migration work is manageable, the transition can happen quickly when the time is right, and network performance is not expected to see a meaningful impact,” the announcement said.

Jump Crypto added that Falcon signature verification is not hard to implement. It also said signing happens off-chain, which may reduce pressure on Solana’s network during normal activity.

Moreover, Anza and Firedancer said they researched post-quantum tools separately before reaching the same view. Both teams agreed that Solana needs a clear quantum readiness path before any future threat becomes active.

The two clients have already added early Falcon versions to their GitHub repositories. Data from Anza’s GitHub account shows work on Falcon has been underway since at least Jan. 27, 2026.

Quantum concerns continue across crypto

Falcon is not the first quantum-related tool in the Solana ecosystem. Blueshift’s Winternitz Vault has offered optional quantum security on Solana since January 2025, but it is not a protocol-level upgrade.

The wider crypto sector continues to debate quantum threats. Google and California Institute of Technology researchers recently said useful quantum computers may arrive sooner than earlier estimates. Google also claimed such systems may one day break Bitcoin cryptography within ten minutes.

However, some industry figures have played down the near-term risk. Blockstream CEO Adam Back said current quantum computers remain “essentially lab experiments” and argued that a real threat may still be decades away.

Robinhood users are being warned about a new phishing attack that takes advantage of Gmail’s native “dot alias” feature and flaws in Robinhood’s account creation process to send malicious emails.  

Robinhood users on Sunday began reporting on social media of emails originating from the platform’s mail server warning of an unrecognized device login, which linked to phishing websites in the “call to action” button.

Source: David Gobaud

Alex Eckelberry, a cybersecurity researcher and tech CEO, said the phishing campaign wasn’t the result of a hack but instead exploited a native Gmail characteristic that ignores dots in an email address, as well as a “couple of terrible holes” in Robinhood’s account setup.

It comes after blockchain security company Hacken reported earlier this month that phishing and social engineering attacks dominated crypto attacks in the first quarter of 2026, accounting for $306 million in losses.

Source: Alex Eckelberry

Hackers created fake Robinhood accounts

Eckelberry said the scam relied on fraudsters creating an account on Robinhood with an email closely mimicking their target’s email address. 

For example, a Robinhood user could have an email address such as “jane.smith@gmail.com.” The scammer would create a new Robinhood account with an email without the dot in the middle, such as “janesmith@gmail.com.”

While Robinhood would treat them as completely separate accounts, Gmail ignores dots in the username part of an email address. This means scammers could prompt Robinhood to automatically send emails intended for their fake account, but have them arrive in their target’s inbox instead. 

To get a phishing link into the automated email sent when a new Robinhood account is created, the scammers would then add HTML instructions to the optional “device name” field on Robinhood, which Gmail treats as formatting instructions. 

Source: Abdel

“The result is a real email from “noreply@robinhood.com” that passes SPF, DKIM, and DMARC. It looks completely legitimate but now contains injected fake warning text and a working phishing button. Clicking the button leads to a fake login site,” Eckelberry said. 

The email is only dangerous if information is added

Visiting the fake login website alone isn’t enough for hackers to gain access to an account, Eckelberry said, but entering sensitive information such as passwords could allow bad actors to do so.

Related: Robinhood Q4 earnings miss as crypto revenues decline

Robinhood’s support account on X posted a statement on Monday confirming that some users received a falsified email from “noreply@robinhood.com” with the subject line “Your recent login to Robinhood” and blamed the issue on an exploit of the “account creation flow.”

“This phishing attempt was made possible by an abuse of the account creation flow. It was not a breach of our systems or customer accounts, and personal information and funds were not impacted,” they said.

“If you received this email, please delete it and do not click any suspicious links. If you have clicked a suspicious link or have any questions about your account, please contact us directly within the Robinhood app or website.”

Magazine: Should users be allowed to bet on war and death in prediction markets? 

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Two of Solana’s most-used validator clients have implemented a test version of a new post-quantum signature solution, Falcon, to help prepare the Solana network for future quantum threats.

In an announcement on Monday, Anza and Firedancer said Falcon is built for “high-throughput blockchain use” and that it can be activated “if and when the time comes” — an apparent reference to Q-Day, the point at which quantum computers become powerful enough to break public-key encryption.

“The migration work is manageable, the transition can happen quickly when the time is right, and network performance is not expected to see a meaningful impact.”

Source: Solana Foundation

Concerns that quantum computers could eventually break blockchain cryptography have fueled worries about private keys and wallet security, prompting broader debate over how the sector should prepare as the technology develops.

One of those concerns has revolved around building quantum solutions that don’t impair blockchain performance by increasing bandwidth and storage.

To address that issue, Jump Crypto, the crypto infrastructure platform behind Firedancer, said Falcon-512 was built to generate the smallest signature currently among the US National Institute of Standards and Technology’s selected post-quantum signature standards.

It added that Falcon signature verification is “not complex to implement” and that signing is executed off-chain.

Solana ecosystem aligned with quantum plan

Anza and Firedancer said they independently researched quantum solutions and both concluded that quantum readiness is necessary before agreeing to build Falcon.

Both validator clients have implemented an initial version of Falcon in their GitHub repositories.

Data from Anza’s GitHub account shows that the development team has been working on Falcon since at least Jan. 27, 2026.

Falcon isn’t the first quantum solution floated in the Solana ecosystem.

Blueshift’s Winternitz Vault has offered quantum security to Solana since January 2025, though it was designed as an optional add-on for users and thus isn’t a protocol-level upgrade.

Related: Google targets 2029 post-quantum migration as threats draw nearer

The push comes as Google and California Institute of Technology researchers said last month that functional quantum computers could arrive sooner than expected and that they require far less computing power to break cryptography than previously thought.

Google even claimed that quantum computers could potentially break Bitcoin’s cryptography within ten minutes, allowing hackers to perform an “on-spend” attack.

However, Blockstream CEO Adam Back said current quantum computers are “essentially lab experiments” and that no real threat will emerge for decades.

Magazine: Bitcoin may take 7 years to upgrade to post-quantum: BIP-360 co-author

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.