• Public blockchains: Roadblock for banks due to clients' privacy concerns over balances and payments.
• Circle-Aleo partnership: Launches USDCx, a private stablecoin obscuring transaction histories.
• Howard Wu statement: Transparent blockchains leak business revenues and intelligence.
• Compliance feature: Transactions include records accessible by Circle for law enforcement.
• Public view: Transactions appear as unintelligible blobs of data.
• Privacy level: Described as banking-level, not absolute privacy.
• Institutional interest: BlackRock's BUIDL fund, Robinhood tokenized stocks, Stripe stablecoin investments.
• Further adoption: Interest from Request Finance, Toku, prediction markets; contrasts with volatile privacy coins like Zcash.

Blockchains are public databases. That’s an immediate roadblock for large institutions like banks, whose clients largely don’t want their balances and payments history open to prying eyes. Now, the crypto giant Circle has partnered with the blockchain Aleo to launch a “private” version of its stablecoin called USDCx, which will obscure transaction histories, Howard Wu, cofounder of Aleo, told Fortune.

Recommended Video

“People don’t want to reveal their business revenues. They don’t want to reveal business intelligence,” Wu said. “But the way that transparent blockchains work today unfortunately means that every time you transact, you are leaking that data.”

The new Circle-backed token, which like other stablecoins is pegged to underlying assets like the U.S. dollar, won’t be truly private. Every transaction of the token will include what Wu called a “compliance record,” which Circle will be able to access in case law enforcement or other authorities reach out about specific transactions. Still, for public users looking at a blockchain log, the transactions will look unintelligible and like “blobs of data,” Wu said. 

“This is banking-level privacy, as opposed to ‘privacy privacy,’” he added.

Big banks lean in

The launch of USDCx comes amid a broader push from the crypto industry to persuade big banks and institutions to use blockchain technology. That effort appears to be gaining traction, especially in the realm of tokenization, or the act of putting real-world assets like mortgages or even the U.S. dollar in blockchain wrappers.

The asset management giant BlackRock has launched its own tokenized money market fund BUIDL, the online brokerage Robinhood has dabbled in blockchain-based stock trading, and fintech giants like Stripe have invested huge sums of capital into stablecoins. “Every stock, every bond, every fund—every asset—can be tokenized,” Larry Fink, cofounder and CEO of BlackRock, said in his 2025 letter to investors.

Wu, the cofounder of Aleo, has seen interest in privacy-enabled stablecoins from a swathe of potential customers, including the crypto payroll processors Request Finance and Toku. He also said that prediction markets, or locales where gamblers can bet on real-world events and sports, are also interested in experimenting with stablecoins like USDCx.

Aleo, which specializes in private blockchain transactions, isn’t the only privacy-first technology of its kind in crypto. There are other cryptocurrencies—most famously Zcash—which also promise users encrypted transactions. However, these cryptocurrencies are much more volatile than stablecoins, which, as their name implies, are designed to stay stable relative to the U.S. dollar or other currencies.

Fortune Brainstorm AI returns to San Francisco Dec. 8–9 to convene the smartest people we know—technologists, entrepreneurs, Fortune Global 500 executives, investors, policymakers, and the brilliant minds in between—to explore and interrogate the most pressing questions about AI at another pivotal moment. Register here.

About the Author

By Ben WeissCrypto Reporter

LinkedIn iconTwitter icon

Ben Weiss is a crypto reporter at Fortune.

See full bioRight Arrow Button Icon

• Foundation Launch: OpenAI, Anthropic, and Block cofound Agentic AI Foundation to promote AI agent standards.
• Technology Transfer: Companies transfer Model Context Protocol (MCP), Agents.md, and Goose to the foundation.
• Open Development: Technologies were free; foundation enables contributions from others.
• Interoperability Goal: MCP as open standard allows cross-provider agent communication.
• Umbrella Organization: Operates under Linux Foundation with support for open source projects.
• Additional Members: Google, Microsoft, AWS, Bloomberg, and Cloudflare join the foundation.
• AI Paradigm Shift: Moves from chat-based to agentic AI for user actions and negotiations.
• Openness Context: Contrasts US API models with open source efforts including Chinese providers.

, Anthropic, and Block have cofounded a new open source organization—the Agentic AI Foundation—to promote standards for artificial intelligence agents.

The three companies are also transferring ownership of some widely used agentic technologies over to the foundation. This includes Anthropic’s Model Context Protocol (MCP), which allows agents to connect and interact; OpenAI’s Agents.md, which lets programs and websites specify rules for coding agents; and Goose, a framework for building agents developed by Block. These technologies were already free to use, but through the new foundation it will be possible for others to contribute to their development.

“MCP is used by many companies, but there are others [who don’t use it],” says Nick Cooper, who leads work on the protocol at OpenAI. Cooper says that making MCP an open standard should encourage developers and companies to embrace it and build systems that integrate agentic AI. “That open interoperability—that open standard—really means that companies can talk across providers, and across agentic systems.”

Featured Video

The Agentic AI Foundation is being created under the Linux Foundation, which oversees development of the widely used open source Linux operating system as well as other projects. The foundation provides legal and technological support for the creation of open source foundations. Other companies who have signed on to the AAIF, beyond the three founding members, include Google, Microsoft, AWS, Bloomberg, and Cloudflare.

The new foundation reflects a nascent shift from chat-based AI systems to greater use of programs that take actions on behalf of users. This kind of agentic AI promises a potentially lucrative new paradigm in which AI agents use the web and negotiate with one another to power all sorts of applications. Consumers may, for example, use AI assistants to buy and book things, while businesses use AI agents to manage transactions and customer interactions.

Srinivas Narayanan, chief technology officer of B2B applications at OpenAI, envisions a time when large numbers of AI agents routinely communicate with one another in the course of business. The AI industry working across the same open standards should help ensure that those interactions happen seamlessly. “Open source is going to play a very big role in how AI is shaped and adopted in the real world,” Narayanan says.

The question of openness seems crucial to AI right now. US companies mostly make money by offering access to powerful closed models through application programming interfaces, or APIs. Meta previously released the weights for its best model, Llama, so that anyone could download and run it, although the company has recently signaled a shift to a more closed approach. A number of Chinese AI companies, including DeepSeek, Alibaba, Moonshot AI, and Z.ai, provide strong open source models that have become popular with developers, startups, and AI researchers. Some worry that this picture could give Chinese firms a big strategic advantage over time.

• Spanish hacker arrest: National Police arrested 19-year-old in Barcelona for stealing 64 million records from nine companies.
• Charges faced: Cybercrime involvement, unauthorized access, private data disclosure, and privacy violations.
• Data obtained: Full names, home addresses, emails, phone numbers, DNI numbers, and IBAN codes.
• Sales activity: Attempted to sell records on hacker forums using six accounts and five pseudonyms.
• Investigation details: Launched in June after breaches detected; suspect located in Igualada, Barcelona.
• Arrest seizures: Computers and cryptocurrency wallets with funds from data sales confiscated last week.
• Ukrainian hacker arrest: 22-year-old detained for custom malware hacking social network accounts, mainly US and EU victims.
• Ukrainian charges: Up to 15 years prison under Criminal Code Article 361, plus activity restrictions; sold access via 5,000-account bot farm.

The National Police in Spain have arrested a suspected 19-year-old hacker in Barcelona, for allegedly stealing and attempting to sell 64 million records obtained from breaches at nine companies.

The teen now faces charges related to involvement in cybercrime, unauthorized access and disclosure of private data, and privacy violations.

"The cybercriminal accessed nine different companies where he obtained millions of private personal records that he later sold online," reads the police's announcement.

The police launched an investigation into the cybercriminal in June, after the authorities became aware of breaches at the unnamed firms.

Eventually, the suspect was located in Igualada, Barcelona, and it was confirmed that he held 64,000,000 private records. These records include full names, home addresses, email addresses, phone numbers, DNI numbers, and IBAN codes.

It is unclear how many total individuals were impacted by the breach.

The police mention that the detainee attempted to sell the information on various hacker forums, using six different accounts and five pseudonyms.

The 19-year-old was arrested last week, and during the action, police agents also confiscated computers and cryptocurrency wallets containing funds believed to be from data sales.

Data broker also arrested in Ukraine

In parallel but unrelated news, the cyberpolice in Ukraine have announced the arrest of a 22-year-old cybercriminal who used a custom malware he developed to automatically hack user accounts on social networks and other platforms.

Most of the hacker's victims were based in the United States and various European countries.

The offender then proceeded to sell access to the compromised accounts, which he boosted using a bot farm of 5,000 accounts, on various hacking forums.

The arrested man now faces up to 15 years in prison for violations of Ukraine's Criminal Code (Article 361), as well as deprivation of the right to hold certain positions or engage in certain activities for up to three years.

Break down IAM silos like Bitpanda, KnowBe4, and PathAI

Broken IAM isn't just an IT problem - the impact ripples across your whole business.

This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.

Related Articles:

Poland arrests Ukrainians utilizing 'advanced' hacking equipment

Barts Health NHS discloses data breach after Oracle zero-day hack

Dartmouth College confirms data breach after Clop extortion attack

Hacker claims to steal 2.3TB data from Italian rail group, Almaviva

Spain dismantles “GXC Team” cybercrime syndicate, arrests leader

• Defense Department selection: Chose Alphabet Inc.’s Gemini for Government system for AI capability to three million civilian and military employees.
• Defense Secretary statement: Pete Hegseth said in X video that the future of American warfare is AI, aiding quick analysis of video and imagery.
• Platform name: New platform known as GenAI.mil.
• Pentagon description: Designed to usher in AI-driven culture change dominating the digital battlefield for years.
• Google Cloud contract: Announced $200 million contract in July to provide AI to DoD’s Chief Digital and Artificial Intelligence Office.
• Other AI firms: OpenAI, xAI, and Anthropic PBC received similar up-to-$200 million contracts.
• Existing Google services: Provides AI capabilities to US Navy and Air Force.
• Additional Google role: Supplies AI to Pentagon’s Defense Innovation Unit.

The Defense Department said it has chosen Alphabet Inc.’s Gemini for Government system to deliver artificial intelligence capability for its roughly three million civilian and military employees.

“The future of American warfare is here, and it’s spelled AI,” Defense Secretary Pete Hegseth said in a video posted to X on Tuesday, adding the software will help the military quickly analyze video and imagery.

The new platform, known as GenAI.mil, is designed to usher in an “AI-driven culture change that will dominate the digital battlefield for years to come,” the Pentagon said in a statement.

In July, Alphabet’s Google Cloud announced a $200 million contract to provide AI capabilities to the Department of Defense, with other prominent AI firms including OpenAI, Elon Musk’s xAI and Anthropic PBC also receiving similar contracts.

Google already provides AI capabilities to the US Navy, Air Force and the Pentagon’s Defense Innovation Unit.

• Common assumption: People expected more phishing vulnerability on mobiles due to multitasking.
• Study finding: Mobile users more risk-avoidant, less likely to click dangerous links than PC users.
• Real-world data: Analyzed 499,781 URL requests from home routers over one week, 2.4% unsafe.
• Device breakdown: 80% unsafe requests from PCs, 20% from mobiles.
• Lab experiment: 257 participants assigned to mobile or PC, faced simulated phishing pop-up during task.
• Lab results: 57% avoided clicking; 64% of avoiders on mobiles, 36% on PCs.
• Phishing types: Similar avoidance for clear risks; PCs more clicked unclear malicious links.
• Explanation and advice: Low-attention mobile use prompts avoidance; train instinctive safe habits.

By

Lisa Ward

1

Jon Krause

You might think people would be more likely to fall for phishing scams on mobile phones because they are often on the go or multitasking when using them.

A recent study, however, suggests the opposite is true. The researchers found that people tend to become more risk-avoidant when using a mobile phone versus a personal computer, making them less likely to click on potentially dangerous messages and links.

“It’s counterintuitive,” says Naama Ilany-Tzur, an assistant professor at Carnegie Mellon University and one of the study’s authors.

In one part of the paper, the researchers collected anonymized data from companies that provide home-internet routers. They looked at 499,781 URL requests over a single week to determine whether the requested site, image or content was safe or not. They found that about 2.4% of the URL requests were unsafe.

The authors then looked at the type of device used to make the unsafe URL requests. They found that about 80% of the unsafe requests were from PC users, and about 20% were from mobile users.

In the lab

The researchers then sought to replicate the findings from that real-world experiment in a laboratory setting, to control for unknown variables that might have affected the results.

They recruited 257 participants and randomly assigned half to use a mobile phone and half to use a personal computer. Participants were asked to analyze images on their device. In the middle of the task, there was a simulated phishing attack, where an ad popped up and asked participants to click on a link. Some participants were shown links that were clearly risky, such as a link containing a misspelling, while others were shown links where the risk was unclear.

Almost 57% of the participants overall didn’t click on the link, avoiding the phishing attack. Of those, about 64% were using mobile phones and 36% were using personal computers.

The researchers then looked at what type of phishing links study participants were most likely to fall for. They found that when a phishing pop-up had clear malevolent telltales, like misspellings, the phone and PC users tended to avoid it at similar rates. But when it was less clear that a link was malicious, PC users were more likely than the phone users to click on it. The same pattern was found in a subsequent experiment.

Avoidant behavior

The findings suggested to Ilany-Tzur that mobile users might not be thinking about cyber risk logically, but instead just avoiding links altogether.

When people use their mobile phones they are often multitasking or they are using their phones in what Ilany-Tzur calls “low-attention contexts,” like lying in bed. Because people often tend to be less focused in these situations, they may be more inclined to avoid engaging in risky behavior. That is, people may be more likely to just avoid clicking on any dubious link rather than try to deliberately suss out the overall risk, she says. That risk-avoidant behavior could be the default anytime someone uses their phone.

According to Ilany-Tzur, the study’s takeaway isn’t that paying less attention is a good way to avoid phishing attacks; rather, it’s that we should focus on ways to make safe responses to cyber threats more automatic or instinctive.

For example, cybersecurity training could teach simple, practiced routines and focus on creating habits, so that avoiding risky links becomes second nature. That way “people can avoid phishing attempts without having to rely on constant vigilance or overthinking every click,” she says.

Lisa Ward is a writer in Vermont. She can be reached at reports@wsj.com.

Cybersecurity

Read the full report

Before Your Doctor Uses AI to Record Your Visits, Ask These Questions

The Hidden Emotional Toll on Victims of Data Breaches

The Latest Tools for Making Sure Your Cellphone Is Secure

Cybercriminals Use AI to Create Fake Websites That Look Just Like the Real Thing

What Are Passkeys—and What Do You Need to Know About Using Them?

Do You Need a Personal Cybersecurity Concierge?

How Effective Is Corporate Cybersecurity Training? Not Very, It Seems

How to Make Sure Information on Your Old Computer Is Really, Truly Deleted

Copyright ©2025 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

Next in Journal Reports

[

Journal Reports

Nvidia Takes Top Spot in the List of Best-Managed Companies of 2025

By Theo Francis

December 8, 2025 at 2:03 PM ET

Tech companies continue to dominate in the Drucker Institute’s annual ranking, although Intel and Adobe saw major drops

](https://www.wsj.com/business/c-suite/nvidia-wins-best-managed-companies-ranking-2025-2297969d)

More Journal Reports Articles

[

Journal Reports

Stock Funds Up 12.6% as Year Nears an End

By William Power

December 7, 2025 at 4:00 PM ET

](https://www.wsj.com/finance/investing/stock-funds-up-12-6-for-year-a73e0b5b)

[

Journal Reports

Lower Your Taxes With These Five Often-Missed Credits

By Lori Ioannou

December 7, 2025 at 3:00 PM ET

](https://www.wsj.com/personal-finance/taxes/tax-credits-retirement-dependents-learning-17385773)

[

Journal Reports

His Grandfather’s Funeral Felt So…Cold. So He Came Up With a New Business.

By Elizabeth Garone

December 6, 2025 at 6:00 PM ET

](https://www.wsj.com/business/entrepreneurship/justin-crowe-parting-stone-founder-892c8a05)

Videos

• Trump's Approval: Permits Nvidia H200 AI chip sales to China, balancing national security, jobs, and AI leadership.
• Nvidia Gains: Access to major Chinese market, potentially $5 billion in quarterly orders.
• China's Advantage: Receives high-end semiconductors superior to domestic production.
• Security Concerns: Hawks argue restrictions needed to limit China's military and advanced AI development.
• Smuggling Disruptions: Operation Gatekeeper stops networks smuggling $160 million in restricted Nvidia chips using fake labels.
• H200 Power: Six times more capable than prior China-specific H20, ahead of rivals like Huawei.
• DeepSeek Achievement: Builds competitive chatbot using only 2,048 throttled Nvidia chips.
• Nvidia Position: Export controls drive China self-reliance; welcomes vetted H200 sales as balanced approach.

By letting Nvidia NVDA 1.72%increase; green up pointing triangle sell its H200 artificial-intelligence chips to China, he gave the U.S. company the giant market it demanded. But he also handed China’s AI industry what it couldn’t build itself: the high-end semiconductors needed to rival America.

Until Monday, a political debate swirled around these chips. National-security hawks argued they had to be withheld to stifle China’s development of military weaponry and, perhaps one day, advanced AI systems that outfox humans.

On the other side was Nvidia with this counterargument: Chinese cash fuels American innovation.

Trump effectively settled the argument by siding with the world’s most valuable company. “We will protect National Security, create American Jobs, and keep America’s lead in AI,” he wrote on social media. 

While the mechanics of the deal remain fuzzy—Trump said Washington would collect 25% of Nvidia’s China sales without explaining how—the winners are clear. First is Nvidia, the undisputed AI chip leader, which estimated it could ship up to $5 billion in orders to China every quarter without geopolitical constraints.

The second is China itself. Its domestic chip makers make inferior products—and not enough of them. One famous Chinese startup, DeepSeek, has already shown it can do surprising things with relatively few Nvidia chips.

Jensen Huang, chief executive officer of Nvidia, in Washington, D.C., last week. Graeme Sloan/Bloomberg News

It is clear Chinese buyers want these chips. A Justice Department case disclosed Monday helps demonstrate that. The U.S. Attorney’s Office in Houston announced that “Operation Gatekeeper” disrupted a network trying to smuggle at least $160 million of restricted artificial-intelligence chips to China and elsewhere.

Since the U.S. restricted sales of Nvidia’s top products to China in 2022 for national-security reasons, Chinese buyers have gone to extraordinary lengths to get them. They smuggled chips in suitcases. They rented computing power abroad.

Operation Gatekeeper revealed another tactic: fake labels.

Prosecutors say a Chinese man in Brooklyn bought chips, falsely indicating they were for customers in the U.S. or unrestricted countries. He and his team allegedly removed Nvidia labels from the products, retagging them with the name of a fake company: “Sandkyan.”

They then allegedly misclassified the chips as generic computer parts to ship them to China or Hong Kong. The man, now in custody and facing up to 10 years in prison, conspired with employees of a Hong Kong logistics company and a Chinese AI company, prosecutors said.

Operation Gatekeeper also targeted Alan Hao Hsu and his Houston company for exporting or trying to export at least $160 million of Nvidia’s H200 and older H100 chips to China, Hong Kong and elsewhere. He pleaded guilty and faces sentencing in February. He didn’t respond to a request for comment.

“The country that controls these chips will control AI technology,” said Nicholas Ganjei, the U.S. attorney in Houston. “The country that controls AI technology will control the future.”

Hours later, Trump said China could have some of those very chips. 

Old but powerful

Released in early 2024, the H200 is roughly one generation older than Nvidia’s newer Blackwell chips. To some national-security hawks, that is still too powerful for China.

There is a reason for the underground market, suggests a report from the Institute for Progress, a Washington, D.C., think tank. The H200 is about six times as powerful as Nvidia’s previous flagship chip in China, called the H20. The H200 is likewise far better than anything from Chinese rivals such as Huawei, the think tank said.

The U.S. holds a wide lead in computing power, it said, because China can’t manufacture enough AI chips to meet domestic demand. Selling H200s to China would shrink the gap, partly wiping out gains the U.S. gets from newer Nvidia chips, it said.

Trump and Commerce Secretary Howard Lutnick “need to answer to Congress on why they are selling out U.S. security,” Sen. Elizabeth Warren (D., Mass.) wrote on X.

President Trump said he would block China from getting Nvidia’s best chips. Alex Wong/Getty Images

Biden administration officials sought to maintain a big gap, fearing anything that might aid China’s march toward the next goal of AI pioneers: artificial general intelligence. AGI systems may be transformative, by independently thinking, adapting and making decisions like a human.

China’s most famous AI export has already shown that it can close that gap with second-rate hardware.

In January, DeepSeek triggered a $1 trillion stock market rout with a chatbot rivaling America’s best. It said it had trained one of its models with only 2,048 of Nvidia’s previous China-specific chips, which had been throttled to satisfy U.S. restrictions.

New precedent?

Nvidia opposes strict export controls. Its case: Better to keep Chinese companies in Nvidia’s ecosystem, where their spending and know-how fuels U.S. leadership. Export controls backfire by driving China to indigenize its chip industry faster than it otherwise would, the company argues.

Trump said on Truth Social that he would block China from getting Nvidia’s best, observing that Nvidia’s U.S. customers “are already moving forward with their incredible, highly advanced Blackwell chips.” 

Nvidia’s hope: As technology advances, Washington clears older chips for export every couple of years.

“We applaud President Trump’s decision,” an Nvidia spokesman said. “Offering H200 to approved commercial customers, vetted by the Department of Commerce, strikes a thoughtful balance that is great for America.”

Write to Stu Woo at Stu.Woo@wsj.com

What’s Next for Nvidia

From global trade tensions to AI

China’s Answer to Nvidia Soars 425% in Debut

Nvidia Margins: Google, AMD Opportunity

Google Factors Into AI Trade More Strongly

The Chip CEO Staring Down Nvidia