👉Issue #106 of QX Snapshots is out!

Welcome to QX Snapshots - a weekly recap of the key news on emerging technologies. In this newsletter, you will get a "digest" of the latest info on Enterprise Blockchain, AI, Quantum Technology, and more. We hope it brings you value!

[Blockchain] Citadel to Start Digital Asset Market Making, PayPal Expands PYUSD Stablecoin for Millions Of Merchants, Circle's USDC And EURC recognized by Dubai Financial Services Authority. PayPal is expanding the utility of its stablecoin PYUSD throughout 2025, focusing on integrating it into more of its product offerings. The payment giant plans to enable its network of over 20 million small-to-medium sized merchants to use PYUSD for vendor payments through an upcoming bill-pay product. The initiative aims to create a more interconnected payment ecosystem by encouraging merchants to bring their vendors into the PayPal network, streamlining transactions within a single platform. Meanwhile, Citadel Securities, the market-making powerhouse, is preparing to enter the digital asset trading space as a liquidity provider. This marks a significant shift from their previously cautious approach to digital asset markets. The firm's decision comes in anticipation of a boom under President Trump's administration, which has shown a favorable stance toward digital assets. Until now, Citadel Securities maintained limited exposure, avoiding retail-focused exchanges due to regulatory uncertainties in the US market. Also, XDC Network, in collaboration with FCA-regulated Archax, has launched tokenized versions of four major money market funds from abrdn, Fidelity International, BlackRock, and State Street on its Layer-1 blockchain platform. This initiative addresses growing institutional demand for regulated digital financial products, leveraging XDC's delegated proof-of-stake consensus mechanism that offers sub-second finality and near-zero gas fees. The development is part of a broader trend in real-world asset tokenization, which currently represents $11.5 billion on-chain and could reach $16 trillion by 2030. And, Circle has achieved a significant milestone as its stablecoins USDC and EURC become first recognized by the Dubai Financial Services Authority within the Dubai International Financial Centre.

[AI] OpenAI Unveils GPT-4.5, Google Releases Free Version Of Gemini Code Assist, Anthropic’s Claude 3.7 Sonnet and Claude Code and Alibaba Cloud Open-Sources Wan2.1 Series OpenAI has unveiled GPT-4.5, their largest and most knowledgeable model to date, focusing on enhanced unsupervised learning capabilities. The new model demonstrates improved contextual understanding, reduced hallucinations, and superior performance in everyday tasks. Initially available to ChatGPT Pro users and developers, it will expand to Plus, Team, and Education users in the coming weeks. Apparently, the model excels in natural conversation and deeper knowledge integration, although it doesn't utilize step-by-step reasoning like their OC series models. Meanwhile, Google has launched a free version of Gemini Code Assist, their AI-powered coding assistant, in public preview. The tool offers unprecedented access with up to 180,000 monthly code completions - 90 times more than competitors. Powered by Gemini 2.0, it supports all programming languages and features code completion, generation, chat-based assistance, and automated code reviews. The tool integrates with popular IDEs like Visual Studio Code and JetBrains, includes GitHub integration for code reviews, and allows teams to define custom style guides. While aimed at individual developers, enterprise versions offer advanced features for organizations. Also, Alibaba Cloud has open-sourced its Wan2.1 series, comprising four video foundational models from its Tongyi Wanxiang platform. These models, trained on up to 14 billion parameters, are now freely accessible to academics, researchers, and commercial institutions worldwide through Model Scope and Hugging Face platforms. And, Anthropic released Claude 3.7 Sonnet, its most intelligent model to date, offering both standard and extended thinking modes in a single model. It excels in coding and web development, achieving state-of-the-art performance on benchmarks like SWE-bench Verified and TAU-bench. Alongside the model, Anthropic introduces Claude Code, an agentic command-line tool for developers currently in limited research preview.

[Quantum Technology] Amazon Web Services Unveils Ocelot, Google Introduces Quantum-Safe Digital Signatures In Cloud Services and Quantum Machines Secures $170 Million. Amazon Web Services has unveiled Ocelot, its first quantum computing chip, designed to tackle quantum computing's biggest challenge: error correction. Developed at AWS's Center for Quantum Computing at Caltech, the chip employs 'cat qubits' that inherently suppress certain errors. This approach could reduce error correction costs by up to 90% compared to conventional methods. The chip comprises two integrated silicon microchips using superconducting circuits made from tantalum. AWS claims this advancement could accelerate their timeline to achieving practical quantum computing by up to five years. Meanwhile, Google has expanded its post-quantum cryptography capabilities by introducing quantum-safe digital signatures in Google Cloud Key Management Service. The new feature, available in preview, complies with NIST post-quantum cryptography standards and supports FIPS 204 and 205 digital signature algorithms. This development enables organizations to test and integrate quantum-resistant signatures into their security workflows, preparing for potential quantum computing threats. The update is part of Google's comprehensive strategy to strengthen encryption infrastructure across its cloud services. Also, Quantum Machines, a leading quantum control solutions provider, has secured $170 million in Series C funding, bringing their total funding to $280 million. The round was led by PSG Equity with participation from Intel Capital and others. The company's technology is now used by over 50% of quantum computing companies globally. QM's hybrid control technology enables complex quantum computations across various quantum computers, positioning them at the forefront of the industry's advancement toward systems with tens of thousands of qubits.

[General technology] LLM Training Data Exposes 12,000 Secrets, Auto-Color Linux Malware Targets Governments, and Lumma Stealer Spreads via Fake CAPTCHA PDFs. Researchers found nearly 12,000 live authentication secrets in a Common Crawl dataset used to train LLMs. This 400TB archive contains various credential types including AWS keys and Slack webhooks. Even invalid secrets in training data can reinforce insecure coding practices. A separate "Wayback Copilot" attack revealed that Microsoft Copilot can access private GitHub repositories that were once public, exposing over 300 sensitive tokens from major companies. Fine-tuning AI on insecure code can cause "emergent misalignment" beyond coding tasks. Additionally, all 17 GenAI products tested were vulnerable to various jailbreaking techniques that bypass safety controls through prompt injections or logit bias manipulation. Meanwhile, a sophisticated Linux malware called Auto-Color has been discovered by Palo Alto Networks Unit 42, targeting universities and government organizations in North America and Asia. The malware grants attackers full remote access to compromised systems through a stealthy approach, using innocent-looking filenames and proprietary encryption to avoid detection. Once installed, it establishes persistence by modifying system files and installing a malicious library, making removal particularly challenging. The malware enables attackers to control infected systems remotely, create reverse shells, and use compromised machines as communication relays. Also, researchers discovered a phishing campaign using fake CAPTCHA images in PDFs hosted on Webflow's CDN to deliver Lumma stealer malware. The campaign, affecting over 1,150 organizations and 7,000 users since mid-2024, uses SEO to trick victims through malicious search results. The PDFs contain fraudulent CAPTCHA images that either steal credit card information or redirect users to malicious sites employing the ClickFix technique to execute PowerShell scripts. Attackers upload PDFs to legitimate repositories to improve visibility. Lumma Stealer is a malware-as-a-service solution recently integrated with GhostSocks proxy malware, increasing its effectiveness for unauthorized access attempts.