Aave Labs introduced a mobile savings application on November 17, 2025, designed to compete with traditional banks and fintech platforms. The app offers annual interest rates up to 9% and insurance protection covering deposits up to $1 million. Users can fund accounts through stablecoins, bank transfers, or debit cards, with interest accruing continuously around the clock.

SlowMist identified critical security vulnerabilities in NOFX AI, an open-source crypto futures trading platform built on DeepSeek and Qwen architectures, that allowed attackers to access wallet private keys and exchange API credentials. Binance and OKX worked with SlowMist to identify affected users and revoke compromised credentials by November 17. The flaws affected multiple system versions, with authentication controls failing to protect administrator functions and sensitive endpoints returning API keys by default.

JPMorgan has launched its USD-denominated deposit token, JPM Coin (JPMD), on Base Layer 2 for institutional clients following a pilot program. The token enables 24/7 blockchain settlement while representing the bank's existing deposits. Major institutions including B2C2, Coinbase, and Mastercard have completed test transactions using JPMD.

The Hong Kong Monetary Authority launched the pilot phase of Project Ensemble on Thursday, moving from sandbox testing to live transactions using tokenized deposits and digital assets. The pilot will run through 2026, initially focusing on tokenized money-market fund transactions and real-time treasury management. Interbank settlement will be supported by the HKD Real Time Gross Settlement system.

Chainlink has expanded beyond its original oracle network function into full-stack blockchain infrastructure serving institutional finance. The protocol now supports over 80% of real-world asset data feeds and cross-chain interoperability solutions, according to Messari. Major banks including J.P. Morgan, UBS, and Fidelity are deploying Chainlink's Cross-Chain Interoperability Protocol for tokenized asset operations, with total value locked across tokenized RWA platforms exceeding $10 billion in 2025.

U.S. Securities and Exchange Commission Chairman Paul Atkins outlined the next stage of Project Crypto, establishing guidelines for digital asset regulation under federal securities laws. The framework categorizes tokens by function, excluding digital commodities, collectibles, and practical tokens from SEC oversight while maintaining regulation of tokenized securities.

The U.S. Department of Justice filed civil forfeiture complaints for $15.1 million in USDT seized from North Korean military hacking group APT38. The stablecoin was stolen in 2023 attacks against four international virtual currency platforms. Separately, five individuals pleaded guilty to facilitating a scheme in which North Korean IT workers used stolen identities to fraudulently secure employment at 136 U.S. companies.

Real-World Asset (RWA) tokens are showing resilience during the broader crypto market decline, with developer activity accelerating across major projects. Chainlink leads all RWA initiatives in development momentum, according to on-chain data. Hedera and Avalanche also rank among the top contributors to the sector's growth.