Bitcoin is trading at a decisive moment, holding just above the $90,000 mark after several days of tight consolidation. Despite reclaiming this key level, the market continues to struggle with upward momentum, leaving traders uncertain about the next major move. Yet beneath the surface, a key on-chain indicator has triggered fresh interest among analysts. According to top analyst Darkfost, the Hash Ribbons have just flashed a new buy signal — a development that historically aligns with strong medium-term performance for Bitcoin.

Darkfost emphasizes that this signal is not a cue to rush blindly into the market, but rather a meaningful piece of data worth highlighting. Hash Ribbon signals typically appear during periods of miner stress, when mining difficulty forces weaker miners to shut down.

These moments often precede significant accumulation phases, as selling pressure from distressed miners fades. With the exception of the unprecedented 2021 mining ban in China, every previous Hash Ribbon buy signal has produced profitable outcomes for patient investors.

Understanding The Bitcoin Hash Ribbons Signal

Darkfost explains that the Hash Ribbons indicator is built around the evolution of Bitcoin’s hashrate, comparing the 30-day and 60-day moving averages to detect periods of miner stress. When the 30-day MA of the hashrate falls below the 60-day MA, it signals that mining difficulty is rising relative to miner profitability.

In these phases, less efficient miners are often forced to scale back operations or shut down entirely, reducing the overall network hashrate.

While mining difficulty itself is influenced by several factors — including electricity costs, hardware efficiency, block rewards, and, of course, Bitcoin’s price — the key point is that miner capitulation tends to create short-term selling pressure. Miners may liquidate part of their reserves to stay afloat, often contributing to temporary weakness in the market.

However, Darkfost emphasizes that these periods of stress historically present strong mid-cycle accumulation opportunities. As weaker miners exit and difficulty adjusts downward, the market often enters a healthier phase where selling pressure subsides, and long-term participants begin to accumulate BTC at discounted prices.

Over the years, Hash Ribbon buy signals have frequently marked early stages of major recoveries, offering investors a structural, data-driven advantage even when sentiment appears uncertain.

Testing Support as Momentum Weakens

Bitcoin continues to trade just above the $90,000 level, showing signs of stabilization after several weeks of heavy downside momentum. The chart reveals that BTC has bounced off the 100-day moving average (green), which is now acting as a key dynamic support zone. This level has historically served as an important midpoint during major pullbacks, and the market’s ability to hold above it suggests that selling pressure may be easing.

However, the price remains well below the 50-day moving average (blue), which has begun to curve downward — a signal that short-term momentum still leans bearish. For a stronger recovery, Bitcoin must reclaim this moving average and convert it into support. Until then, rallies may struggle to extend meaningfully.

Volume has also compressed significantly compared to the earlier stages of the uptrend. This decline indicates hesitation from both buyers and sellers, often typical during consolidation phases following sharp corrections. The lack of aggressive selling is a constructive sign, but the absence of strong buy-side interest keeps BTC vulnerable to further swings.

If Bitcoin holds above the $90K–$88K area, it could build a base for a broader rebound. A breakdown below this region, however, would open the door to deeper retracements toward the mid-$80K range.

Featured image from ChatGPT, chart from TradingView.com

On-chain data shows the popular Bitcoin Hash Ribbons indicator has just given a miner capitulation signal. Here’s what this could mean.

Bitcoin Hash Ribbons Now Signaling Miner Stress

As pointed out by CryptoQuant author Darkfrost in an X post, the Bitcoin Hash Ribbons have shown a crossover that has historically corresponded to rising stress among the miners. The Hash Ribbons indicator aims to gauge the situation of the miners by comparing the 30-day and 60-day moving averages (MAs) of the BTC Hashrate, a metric that measures the total amount of computing power that the validators as a whole have connected to the blockchain.

The trend in the Hashrate can act as a representation of the sentiment among the miners, as they usually expand computing power (an increase in the Hashrate) when mining is profitable and/or they believe BTC is heading toward a bullish outcome, while they decommission mining rigs (a drop in the Hashrate) when they are having a hard time breaking even.

The Hash Ribbons indicator basically captures shifts between these two behaviors. When the 30-day ribbon falls below the 60-day one, it means miners are reducing power at a fast rate. This can be a sign that this group is going through capitulation.

Such a crossover has recently formed again for Bitcoin, as the chart below shared by Darkfrost shows.

Thus, it would appear that miners are once again in a phase of capitulation. “Historically, these periods of mining stress have been profitable for Bitcoin investors, with one exception during the 2021 mining ban in China,” noted the analyst.

The signal doesn’t act as a straightforward buy indicator, however, as mining capitulation often doesn’t directly coincide with a bottom. “In the short term, these periods tend to be bearish because miners may need to increase their selling to cover production costs,” explained Darkfrost.

In general, miner capitulation periods have tended to lead into profitable buying windows for the cryptocurrency, although it’s unpredictable how long such a phase would last. From the chart, it’s apparent that sometimes the Hash Ribbons signal has been quite brief, while other times it has been maintained for weeks.

As for what has forced miners to turn off Hashrate recently, the answer likely lies in the bearish trajectory that Bitcoin has witnessed. Miners obtain their reward in BTC denomination, so how the USD value of the coin fluctuates directly affects their dollar revenue.

Before this, miners had been in a phase of rapid expansion alongside the bull rally, which had led to an explosion in the network’s mining Difficulty. With the price plummeting and Difficulty being at extraordinary levels, miners have faced a double whammy during the past month.

BTC Price

Bitcoin saw a recovery above $92,000 on Monday, but it would appear that the asset wasn’t able to maintain it, as its price is now back at $90,300.

OPINION — “The [Defense] Secretary [Pete Hegseth] sent nonpublic DoD information [on March 15 at 11:44 EDT] identifying the quantity and strike times of manned U.S. aircraft over hostile [Houthi] territory [in Yemen] over an unapproved, unsecure network [Signal] approximately 2 to 4 hours before the execution of those [U.S. aircraft] strikes. Using a personal cell phone to conduct official business and send nonpublic DoD information through Signal risks potential compromise of sensitive DoD information, which could cause harm to DoD personnel and mission objectives.”

That was one finding from the December 2, Defense Department Inspector General (DoD IG)] report entitled Evaluation of the Secretary of Defense’s Reported Use of a Commercially Available Messaging Application for Official Business that was released last Wednesday.

Another finding was “We [Office of the DoD IG] concluded that the [Defense] Secretary [Hegseth] sent sensitive nonpublic, DoD operational information that he determined did not require classification over Signal on his personal cell phone. Although EO 13526 [Executive Order on Classified National Security Information] grants the [Defense] Secretary the authority to determine the proper level of classification of DoD information, we concluded that the Secretary’s actions did not comply with DoDI 8170.01 [DoD Policy for social media accounts] which prohibits using a personal device for official business and sending nonpublic information over a non-approved commercially available messaging application.”

So in that first finding the DoD IG found Hegseth’s message potentially endangered U.S. military members and their mission, and in the second finding the DoD IG said the Defense Secretary had violated DoD policy.

On Wednesday evening, after public release of the DoD IG report, Hegseth on X messaged, “No classified information. Total exoneration. Case closed. Houthis bombed into submission. Thank you for your attention to this IG report.” At roughly the same time, Pentagon spokesman Sean Parnell in a statement said: “Total exoneration of Secretary Hegseth and proves what we all knew – no classified information was shared. The matter is resolved and the case is closed.”

Of course the DoD IG report is the opposite of “total exoneration,” and by no means should the case be closed. In fact, this entire matter should have been an illustration to the Trump administration that it cannot get away with lying about serious matters, but nonetheless they have continued to try.

The history of this DoD IG report shows that Hegseth and others in the Trump administration even failed to cooperate in the IG’s investigation.

For example, the DoD IG report said frankly, “The Secretary declined to be interviewed for this evaluation.” Hegseth did, after four months, supply to the IG Office a July 25, one-page, five paragraph statement. In it, Hegseth used two paragraphs to defend the questioned details in his March 15, Signal chat message, arguing at one point the information was “either not classified, or that I could safely declassify [it].”

Meanwhile, there were other times of non-cooperation. The DOD IG report said, “We requested a copy of the Secretary’s communications on Signal on or about March 15. According to a senior official in the Office of the Secretary of Defense (OSD), the Secretary declined to provide us direct access to his personal cell phone.”

At another point, when the DoD IG was trying to get a full transcript of the March 15, Signal chat, it found that OSD had a consolidated version it received from the White House Counsel’s Office, but the request for a copy was declined “because it was not a DoD-created record.”

The DOD IG report, itself, originated from a request back on March 26, by Sens, Roger Wicker (R-Miss.) and Jack Reed (D-R.I.), the Chairman and Ranking Member of the Senate Armed Services Committee.

The two Senators were reacting to two articles dated March 24, and March 26, on The Atlantic website written by Editor Jeffrey Goldberg, who had described that somehow then-National Security Advisor Mike Waltz had made Goldberg part of a Signal chat group of senior Trump administration officials named the Houthi PC small group. The chat group included Vice President JD Vance, Secretary of State Marco Rubio, Secretary Hegseth, Director of the Central Intelligence Agency John Ratcliffe, and Director of National Intelligence Tulsi Gabbard.

What national security news are you missing today? Get full access to your own national security daily brief by upgrading toSubscriber+Member status.

Goldberg’s March 24, Atlantic article alleged that on March 15, the Signal chat group received from Hegseth sensitive war plans about the U.S. air strikes before they took place on Yemen that day. The Atlantic initially chose not to print those war plan details because potentially they contained classified information. Although the White House initially said the story seemed authentic, Hegseth initially said, “Nobody was texting war plans, and that’s all I have to say about that."

By the next day, the Trump administration had settled on their response. Appearing on March 25 before the Senate Select Committee on Intelligence, CIA Director Ratcliffe said, “The Secretary of Defense is the original classification authority, and my understanding is that his comments are that any information that he shared was not classified.” DNI Gabbard, appearing with Ratcliffe, echoed him saying, “There were no classified or intelligence equities that were included in that chat group at any time.”

After the denials, The Atlantic on March 26, then published Goldberg’s subsequent article which contained Hegseth’s pre-strike details. They gave the scheduled March 15 time of the first F-18 launch package; the time the first strike F-18s should reach “Target Terrorist;” the time of launch of MQ-9 strike drones; the time launch of second F-18 package; the time “when first bombs will definitely drop,” and the time when F-18 2nd package strike begins; and the time when the first sea-based Tomahawk missiles launched.

Although Hegseth claimed, “there were no details that would endanger our troops or the mission,” anyone who knew where the F-18s were based, their time of departure and the expected time bombs were to be dropped in Yemen might have been be able to determine the targets.

The DoD IG report concluded, “If this information had fallen into the hands of U.S. adversaries, Houthi forces might have been able to counter U.S. forces or reposition personnel and assets to avoid planned U.S. strikes. Even though these events did not ultimately occur, the Secretary’s actions created a risk to operational security that could have resulted in failed U.S. mission objectives and potential harm to U.S. pilots.”

Nominations for outstanding leaders in national security and intelligence are now open for the 2026 Cipher Brief Honors Dinner. Find out more here.

Another issue raised by the DOD IG report is that Hegseth was involved in other Signal chat groups into which he could have put additional classified information.

For example, the DOD IG reported, “One of the officials we spoke with stated that the Secretary posted the same sensitive operational information concerning the March 15, Houthi attack plans on the ‘Defense Team Huddle’ group chat.” That was a chat group Hegseth established from his personal and professional inner circle in January 2025, before his confirmation as defense secretary, and included Hegseth’s wife, Jennifer, who is a former Fox News producer.

The New York Times reported the Defense Team Huddle chat group also included Hegseth’s younger brother, Phil Hegseth, who has since become a senior adviser to the Defense Secretary and a DoD liaison officer to the Department of Homeland Security (DHS).

Other OSD officials told DoD IG investigators there are “multiple additional Signal group chats in which the Secretary allegedly participated to conduct official DoD business and transmit nonpublic DoD information,” according to the IG report. “Two officials stated that they were part of several group chats, and one of them stated that the Secretary and others used the chats to coordinate meetings, respond to media inquiries, or alert staff to check their official email accounts.”

That was another reason, the report said, “why we [DoD IG] requested copies of messages from these other Signal group chats, as well as access to the Secretary’s personal cell phone,” which so far have been unsuccessful.

I must conclude this article by saying that much credit goes to the DoD IG office, and Acting DoD IG Steven A. Stebbins. They did an admirable job on this inquiry given the lack of cooperation from their top bosses to this inquiry. They showed the professionalism looked for and needed in federal government employees.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The private messaging app Signal just announced the much-awaited feature for its users – secure…

Signal App Introduces Secure Cloud Backup For Chats on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.

There are numerous free messaging apps around, but one of the most popular is Telegram. Telegram earned that reputation mainly because of two features: group chat facilities and security.  Its huge possibilities for groups and channels are unchallenged, but concerning security, there are some issues we have to explore.

Telegram is an open source app created by two Russian brothers, Nikolai and Pavel Durov. The app was banned from Russia, however, and the company now has offices in the United Kingdom, Germany, and Dubai. Concerning data storage, Telegram has a hybrid system where you can decide whether to store the data on your phone or one of the several servers worldwide. The first point of concern: Telegram has not subjected its app to an independent and experienced auditor. For that reason, it is wise to be suspicious.

You need a mobile phone number to register and use Telegram. Apart from that, the phone is not a necessary tool because Telegram also has desktop apps for Windows, Mac, and Linux. However, essential features like secret chats are not available on the desktop version. That can be confusing because you are not necessarily aware of some contacts not having read your secret chats because they do not use a mobile device.

How safe are these normal, secret chats? To start with normal chats, they are not encrypted at all. Even WhatsApp is safer in this regard. Sending normal messages in Telegram, therefore, is an absolute no-go. It is kind of confusing and problematic that encryption is not applied by default. Other secure messaging services – such as Signal – apply end-to-end (E2E) encryption on all communications (normal chats, group chats, and voicecalls) by default.

The group chat possibilities on Telegram are huge, with support for up to 200.000 members per group. These chats (cloud chats) are securely encrypted only in transit between devices. But the group chats are not safe. Telegram can read chat data since it handles the encryption and decryption of messages at the servers.

If you use the secret chat option, all messages are end-to-end encrypted using MTProto. Secret chats are not stored on the Telegram servers and can only be accessed through the sending and receiving devices. Secret chats also have auto self-destruct options and informs about the other end taking a screenshot, further increasing the security. Finally, voicecalls are automatically E2E encrypted and are considered to be secure.

If we take a closer look at the privacy policy and the encryption method – MTProto security – things start to get worse. The protocol has been criticized by several cryptography experts. Concerning Telegram’s privacy policy, Telegram can collect lots of personal information like IP address, devices, and history of usernames and keep it for up to twelve months. They will probably also use this to utilize aggregated metadata. Finally, the information in the cloud chats is not safe either, can be shared with linked companies, and could be provided to law enforcement institutions.

To be on the safe side, go for a more secure alternative like Signal. If you wish to continue using Telegram, be aware that your IP address will be saved. Therefore, install a VPN when making an account and to use the app. Furthermore, do not use your own phone number when creating an account, but use a paid or free SMS service (disposable SMS). Finally, only use secret chats and voicecalls. Keep these precautions in mind, and some Telegram features can be safe.

For individuals or groups who place high importance on privacy and security, there are far better alternatives, free or paid. Some examples are Signal, Threema, and Wire.

The post Is Telegram messenger secure? appeared first on Rana News.