Key Takeaways

• Xbox Game Pass Ultimate pricing reduced by 23%, now $22.99/month from $29.99
• PC Game Pass sees a 15% decrease to $13.99/month from $16.49
• Day-one access to new Call of Duty releases eliminated from Game Pass subscriptions
• Xbox gaming revenue declined approximately 10% year-over-year with hardware plummeting 32%
• Recent Xbox leadership change under Asha Sharma drives pricing restructure

The Xbox division at Microsoft has faced mounting challenges. Gaming accounted for a mere 7% of overall company revenue in the most recent quarter, marking it as the sole major business segment experiencing decline.

Microsoft Corporation, MSFT

The financial picture painted a stark reality: console hardware sales plunged 32% following Microsoft’s decision to shelve two game projects, “Everwild” and “Perfect Dark.” CFO Amy Hood acknowledged during an analyst briefing that Xbox content and services revenue fell short of internal projections.

Game Pass Ultimate’s $29.99 monthly subscription had been in place since October, when Microsoft implemented a $10 increase. That pricing decision, as it happens, proved unpopular with consumers.

According to reports, Asha Sharma—Xbox’s newly appointed leader—communicated to staff via internal memo that the subscription had grown prohibitively expensive. Sharma, who joined from Meta, assumed control of Xbox in February following a leadership restructuring that saw Phil Spencer transition out and Sarah Bond depart.

Her solution: reduce pricing while maintaining the game catalog. Game Pass Ultimate falls to $22.99 monthly—representing a 23% discount. PC Game Pass decreases 15% to $13.99. Both adjustments took effect immediately.

The Call of Duty Compromise

There’s a significant caveat. Newly released Call of Duty titles will no longer debut on Game Pass at launch. Microsoft had leveraged the blockbuster franchise as a primary incentive for subscription growth, particularly following its massive $75.4 billion Activision Blizzard purchase in 2023.

Moving ahead, subscribers wanting immediate access to fresh Call of Duty releases must purchase them separately at $69.99. These games will join Game Pass approximately twelve months post-launch.

This represents a meaningful compromise—reduced subscription fees, but diminished launch-day content availability.

Microsoft indicated the adjustments stem from subscriber feedback. “Our players cover a wide breadth of geographies, preferences, and tastes,” the company stated in an official blog post.

Game Pass subscriber count stood at 34 million throughout 2024. Microsoft has not released updated membership figures.

Competitive Landscape Pressures

Xbox remains behind Sony and Nintendo in both hardware sales and subscription service adoption. This competitive disadvantage has forced Microsoft to reconsider Game Pass’s value proposition and pricing strategy.

The termination of hardware initiatives and two game development projects signals a wider strategic reevaluation of the gaming division’s direction. Some industry observers have speculated about potential divestiture or scaling back of the Xbox business, though Microsoft has issued no official statements regarding such possibilities.

Amy Hood referenced an undisclosed impairment charge within the gaming segment during the recent earnings presentation. No specific amount was disclosed.

MSFT stock advanced approximately 0.79% in after-hours trading following the pricing announcement.

Analyst sentiment toward Microsoft remains predominantly bullish, with 34 Buy recommendations and 3 Hold ratings issued over the past three months. The consensus price target stands at $581.61.

Bitcoin rose above $78,000 on Wednesday after renewed easing in Middle East tensions supported risk appetite across digital assets. 

The move came after US President Donald Trump said the ceasefire with Iran would be extended, while market participants also reacted to Strategy’s latest Bitcoin purchase.

The broader crypto market moved higher alongside Bitcoin. Total market value climbed above $2.7 trillion, while Ethereum, Monero, Bitcoin Cash, BNB, and Solana also posted gains. At the same time, leveraged traders faced heavy losses as liquidations neared $500 million over the past 24 hours.

Ceasefire extension supports market rebound

The latest price move followed comments from Trump on the conflict involving Iran. He said the ceasefire would remain in place as officials waited for a “unified proposal,” while adding that Iran’s government was “seriously fractured.”

Those remarks helped improve sentiment across global markets. S&P 500 futures rose 0.5%, while Nasdaq 100 futures gained 0.6%. In crypto, Bitcoin advanced 2.2% over 24 hours and 4.3% over the week to trade above $78,000 during Wednesday trading.

This was not the first market reaction tied to the conflict. Earlier in April, crypto prices also moved higher after the US and Iran agreed to pause hostilities for two weeks. The latest extension again pushed traders toward risk assets.

Brent crude remained near $98 a barrel, while the MSCI Asia Pacific Index slipped 0.7% as investors continued to assess how long tensions in the region could last. Even so, digital assets stayed firm as traders focused on the ceasefire decision.

Bitcoin leads gains as altcoins follow

Bitcoin traded at about $78,145 after breaking out of recent headline-driven volatility. Ether rose 2.1% to $2,366, BNB added 1.3% to $640, and Solana gained 1.8% to $87. Most of the top 10 cryptocurrencies traded in positive territory, with only stablecoins and Tron showing small declines.

The upward move also came after Strategy disclosed a fresh Bitcoin purchase. The company bought 34,164 BTC for $2.54 billion at an average price of $74,395 per coin. That pushed its total holdings to 815,061 BTC, acquired for about $61.6 billion at an average cost of $75,527.

With Bitcoin trading above that average entry price, Strategy’s position returned to a modest unrealized profit. The company’s latest purchase was its biggest since November 2024 and added another corporate demand signal to the market.

Fund flow data also showed renewed investor interest. CoinShares reported that global crypto funds recorded $1.4 billion in inflows last week. Bitcoin attracted $1.12 billion, while Ethereum brought in $328 million. Chainlink and Sui also posted inflows, while XRP and Solana saw outflows despite price gains.

Liquidations near $500 million as shorts take the hit

The fast market rebound caused sharp losses for traders using high leverage. Total liquidations reached about $460 million in the past 24 hours, with short positions making up roughly 70% of that total.

Bitcoin-related liquidations rose to $212 million, while Ether positions accounted for $123 million. The biggest single liquidation took place on Bitget and exceeded $7.5 million.

Data also showed that nearly 110,000 traders were liquidated during the period. The figures reflected how quickly sentiment changed after the ceasefire update and Bitcoin’s move above $78,000.

Key Takeaways

• Tim Cook transitions from Apple CEO to Executive Chairman effective September 1, 2026
• Hardware Engineering SVP John Ternus, a 25-year Apple employee, named as successor
• AAPL shares declined 2.52% in response to the leadership announcement
• Q2 FY26 earnings scheduled for April 30; analysts project $1.94 EPS on revenue of $109.32B
• Wall Street maintains Moderate Buy rating with $305.81 average target price, suggesting ~12% potential gain

Apple appears ready to return to its product-focused roots.

The tech giant revealed Monday that Tim Cook will relinquish his CEO position on September 1, 2026, transitioning to Executive Chairman. John Ternus, who currently serves as Senior Vice President of Hardware Engineering after 25 years with the company, will assume the chief executive position. The announcement sent AAPL down 2.52%.

Ternus embodies Apple’s product-first philosophy. His signature accomplishment involved spearheading the Mac’s migration away from Intel processors to proprietary Apple Silicon — a strategic move that strengthened Apple’s competitive positioning in the personal computer sector.

Apple Inc., AAPL

His attention to detail borders on legendary. Speaking at a 2024 University of Pennsylvania commencement ceremony, Ternus shared a story about examining machined screw heads on the Cinema Display — his first Apple project. He discovered the manufacturer had added 35 concentric grooves instead of the specified 25.

“Maybe a customer notices, maybe they don’t,” Ternus explained. “But either way, whenever I saw one of those displays on someone’s desk, it mattered to me.”

This meticulous approach represents the foundation upon which Apple was established.

Refocusing on Product Excellence

Recent years saw Apple emphasizing its services ecosystem and artificial intelligence capabilities. The services division — encompassing App Store, AppleCare, and Apple Music — has delivered solid performance. The AI narrative has proven more challenging.

Selecting Ternus indicates a strategic realignment toward hardware as Apple’s fundamental strength. The reality is simple: without iPhones, Macs, iPads, and Watches, the accompanying services ecosystem becomes irrelevant. This appointment communicates that priority clearly.

Cook’s own succession plan mirrors his original ascension. Steve Jobs selected Cook — an operations and supply chain expert rather than a product visionary — because Apple required different leadership capabilities at that juncture. Today, Cook and the board are entrusting leadership to someone who thinks in precision measurements and manufacturing specifications.

The recently launched MacBook Neo, with student pricing beginning at $500, exemplifies the direction a Ternus-led Apple might pursue: competitive pricing while maintaining the premium quality standards the brand demands.

Financial Outlook and Shareholder Composition

The leadership transition comes just before Apple releases Q2 FY26 financial results on April 30. Analyst consensus calls for earnings per share of $1.94 alongside revenue reaching $109.32 billion.

Regarding shareholder structure, TipRanks data shows public companies and retail investors controlling 60.61% of AAPL. Exchange-traded funds represent 21.61% of ownership, while mutual funds hold 17.70%. Vanguard leads all institutional holders with 8.45%, followed by Vanguard Index Funds controlling 6.87%.

Wall Street analysts assign AAPL a Moderate Buy consensus rating, comprising 16 Buy recommendations, 8 Hold ratings, and 1 Sell rating across the previous three months. The consensus price target stands at $305.81 — approximately 12% higher than current trading levels.

Apple’s April 30 quarterly report will provide the initial significant gauge of market confidence in the new leadership framework.

Crypto teams are seeing a rise in bug bounty submissions as artificial intelligence tools make it easier to scan code and draft reports. 

At the same time, many protocols say the growing volume includes more low-quality or inaccurate findings, which is making review work harder.

Bug bounty programs reward security researchers for reporting software flaws before attackers exploit them. In crypto, these programs have become a common part of security efforts because protocols often manage large amounts of user funds and operate through open-source code.

Barry Plunkett, co-CEO of Cosmos Labs, said AI is changing how bug bounty programs work. He said the company’s program saw a sharp rise in volume over the past year.

“Our program has seen a 900% increase in submission volume from last year, on the order of 20-50 per day,” Plunkett noted.

He added that the rise included both valid and invalid reports, creating more work for teams trying to separate real issues from weak claims.

Kadan Stadelmann, chief technology officer at Komodo Platform, also said he has seen growth in bug bounty submissions and payouts across organizations. He said some recent reports appeared to be low quality and in some cases may have been false positives.

”There has definitely been an increase in low-quality bug bounty submissions, some of which have been false positives, potentially suggesting AI sourcing,” Stadelmann told Cointelegraph.

He added that AI may have lowered the cost and effort required to produce a report, leading to more submissions.

AI helps researchers but adds more noise

AI tools can help researchers review large amounts of code and point to possible vulnerabilities more quickly. That has made it easier for security researchers to join bounty programs and send findings to protocols.

However, AI systems can also generate inaccurate results. In bug bounty work, that can mean teams receive reports that sound technical but do not describe real flaws. This adds pressure on developers and security staff who must review each claim.

The wider trend is visible beyond crypto. In January, Daniel Stenberg, creator of the open-source tool curl, said he was ending his bug bounty program after dealing with what he described as an influx of ”AI slop in vulnerability reports.”

HackerOne, one of the largest bug bounty platforms, reported in January that it recorded 85,000 valid bounty submissions in 2025. That figure was up 7% from the previous year.

Platforms tighten review standards

As submission volumes rise, some crypto teams are changing how they run bounty programs. Plunkett said Cosmos Labs has tightened how it scores incoming reports and now gives more weight to trusted researchers with a strong record.

He also said the company is working with bug bounty providers that offer more advanced triage support. That step is meant to help reduce the time spent reviewing weak or duplicate submissions.

These changes show that teams are trying to keep bounty programs useful while managing the extra load created by AI-assisted reporting. Programs still need outside researchers, but they also need stronger filters.

Security teams may turn to AI for defense

Stadelmann said AI may also become part of the answer. He said smaller teams may struggle most because they have fewer engineers available to review large numbers of submissions.

”Blockchain teams will have to create AI deterrents to sift through incoming bug bounties,” He said.

He added that defensive AI systems could help sort reports and reduce the burden on internal teams.

Stadelmann also said protocols may need stricter standards for submissions to lower the number of weak reports. As AI tools spread, bug bounty programs are likely to stay active, but teams may need new processes to manage the growing flow.

Privacy-preserving crypto protocol Umbra has pulled its front-end hosting offline in a bid to complicate misuse by hackers who have been moving funds from recent high-profile breaches. The move comes as Umbra disclosed that roughly $800,000 worth of stolen funds were routed through its protocol, a signal that attackers continue to exploit cross-chain bridges and related services despite ongoing security efforts.

In a post on X, Umbra said it had transitioned the hosted front end into maintenance mode and would bring it back online only when it can be done without disrupting recovery efforts. The team stressed that the decision was a precaution aimed at safeguarding the recovery process while acknowledging that the open-source nature of its front end means other implementations could still be used by malicious actors.

Key takeaways

• Umbra paused its hosted front end to hinder attacker use, citing approximately $800,000 in stolen funds moved through its protocol.
• The development follows a high-profile sequence of exploits, including the Kelp protocol breach that netted around $280 million, with investigators suspecting North Korean actors were involved.
• Despite the suspension, Umbra emphasized that on-chain activity and self-hosted or locally deployed interfaces remain possible, underscoring the limits of front-end restrictions.
• Analysts and commentators warn that front-end freezes alone may not satisfy regulators or prosecutors who view interface changes as indicative of broader control over a protocol.
• Ambiguity persists about how to balance privacy objectives with anti-fraud and sanctions enforcement in decentralized systems.

Umbra’s action in a shifting security landscape

Umbra’s decision to take its front end offline highlights a growing debate about defensible responses when breaches spill over into the tooling that users rely on most. The targeted move aims to reduce the surface area hackers can exploit for money movement tied to the latest breaches, according to Umbra’s statement. The project noted that the protocol “protects the identity of the receiver, not the sender,” a distinction it says does not assist hackers trying to conceal fund trails. It also stressed that every stolen fund routed through its contracts can be identified, and that it has been collaborating with security researchers involved in the investigation.

In parallel, security researchers and industry observers have repeatedly warned that the tokenized services bridging assets across networks remain a common vector for theft. The Kelp breach, which saw illicit gains reach hundreds of millions of dollars, has intensified scrutiny of cross-chain activity and the ways in which attackers pivot across networks to move funds. PeckShield and other monitoring outfits have flagged Umbra as a target of interest for opportunistic attackers attempting to bridge stolen Ether into Bitcoin and other assets, underscoring the ongoing liquidity risk within the bridge ecosystem.

The front end debate: is a UI pause enough?

Roman Storm, a co-founder of the crypto mixer Tornado Cash, has argued that a temporary freeze on the front end may not be sufficient to placate authorities or deter illicit use. Storm’s comments reference his own legal battles over sanctions-related charges, where prosecutors characterized control over a protocol as equivalent to controlling its operations. He has argued that limiting user interfaces may be read as exerting influence over a broader system, raising questions about what constitutes meaningful control in decentralized architectures.

Umbra’s own note touched on this tension, noting that the protocol’s core remains usable through smart contracts and, in many cases, through self-hosted front ends. The company asserted that even if the hosted front end goes offline, attackers could still access the open-source components if they choose to deploy their own interfaces or use local deployments. The broader implication is that while operators can reduce risk through UI changes, the core protocol’s code and governance remain the ultimate locus of control—and the primary determinant of how funds move once a user interacts with the protocol on-chain.

Privacy versus enforcement: what changes for users and investigators?

Umbra’s framing of its front-end pause as a protective measure for recovery efforts reflects a nuanced approach to privacy-preserving design. The project reiterated that its technology is intended to protect recipient anonymity, rather than to obscure the sender’s trail. In practice, this means that investigators and security researchers can, with cooperation and the right tools, trace flows of stolen funds even when they pass through privacy-centric constructs. Umbra’s statement that all stolen funds can be identified when appropriate signals and data are available is consistent with ongoing industry norms that seek a balance between user privacy and fraud prevention.

For investors and builders, the incident reinforces a persistent theme in crypto: even advanced privacy protocols operate within a broader ecosystem where law enforcement, sanctions regimes, and compliance expectations shape what is feasible in practice. The ongoing sanctions regime targeting North Korean cyber actors adds a layer of regulatory risk to the activity around cross-chain platforms and mixers, as authorities increasingly couple enforcement actions with industry-wide stances against funding networks linked to sanctioned entities.

What to watch next

As recovery efforts continue, observers will be watching for updates on when and how Umbra will restore front-end access without compromising investigators’ ability to trace and recover funds. The episode also raises questions about the durability of privacy-first designs in the face of coordinated enforcement and incident response. Other protocols with similar privacy-centric aims may reassess their own front-end exposure, governance processes, and incident-response playbooks in light of Umbra’s experience.

In the near term, market participants should monitor whether other bridges and privacy-focused contracts adjust their public interfaces or deploy additional mitigations to reduce exploit risk. Regulators and prosecutors will likely keep a close eye on how developers balance user privacy with the need to curb illicit finance, particularly as high-profile attacks continue to test the resilience of cross-chain ecosystems.

Ultimately, the event underscores a core dynamic in the crypto security landscape: improvements in on-chain privacy and usability must be matched by robust off-chain collaboration, transparent communications, and adaptable incident response plans if communities are to navigate the evolving threat environment without stifling innovation.

readers should stay tuned for further disclosures from Umbra and for subsequent analyses from security researchers detailing how such vulnerabilities are being addressed and what this portends for the broader privacy-centric segment of DeFi.

Another day, another exploit. The security crisis in blockchain-based decentralized finance (DeFi), once touted as a challenger to legacy infrastructure, is only getting worse.

The latest victim is Volo Protocol, a platform built on the Sui blockchain, where users deposit assets into yield-generating “vaults,” which function as pooled investments. Deposited tokens such as bitcoin, stablecoins and tokenized assets are deployed using various onchain strategies to generate returns.

Early Wednesday, the protocol confirmed a security breach that drained a total of roughly $3.5 million in digital assets from three of the vaults. Assets locked in other vaults were not affected, it said in a post on X.

“The ~$28M in TVL across all other Volo vaults is safe. The exploit was isolated to 3 specific vaults, and we have confirmed no shared attack vector exists with the remaining vaults,” the protocol said, adding that it is “prepared to absorb” the financial loss rather than pass it on to users.

The attack hit vaults holding wrapped bitcoin (WBTC), Matridock’s tokenized gold token, XAUm, and the dollar-pegged stablecoin USDC. In response, the protocol froze all vaults and began working with the Sui Foundation and onchain investigators to contain the damage and trace funds.

Since the incident, Volo has “frozen” $500,000 in assets through coordination with ecosystem partners, meaning those funds have been immobilized onchain to prevent any movement or withdrawal. Still, the majority of the stolen funds remain under investigation.

Growing unease

The breach adds to growing unease across decentralized finance, where a string of exploits has raised questions about smart contract security and protocol oversight. The timing is particularly sensitive, coming just days after the weekend’s KelpDAO exploit, in which an attacker drained millions by artificially minting unbacked liquid restaking tokens, rsETH.

The aftermath has rippled across the DeFi, triggering collateral damage in multiple protocols, including leading lending platform Aave, where users rushed to withdraw funds because of the heightened uncertainty.

To date, decentralized finance has suffered roughly $7.78 billion in hacks, according to data from DeFiLlama. Bridge protocols — which enable the transfer of assets across blockchains — account for another $2.90 billion in losses. Combined, the figure exceeds $10 billion, roughly equivalent to the market capitalization of cryptocurrencies ranked between 10th and 15th globally.

Volo says it will publish a full post-mortem once its investigation is complete and remediation steps are finalized.

But for DeFi users and investors, a broader pattern is becoming harder to ignore: while institutional adoption is accelerating, relatively little of that capital appears to be flowing into improving security, with exploits continuing to arrive in clusters.

Read more: The $13 billion DeFi wipeout in two days, and it started with KelpDAO attack