Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
SlowMist CISO: Bitwarden CLI was targeted by a supply chain attack, with malicious packages circulating for approximately 1.5 hours
Deep Tide TechFlow news: On April 24, SlowMist CISO 23pds (@im23pds) disclosed that the password management tool Bitwarden CLI version 2026.4.0 was subjected to a Checkmarx supply-chain attack between 17:57 and 19:30 Eastern Time on April 22. During the attack, the attacker abused a GitHub Action in the Bitwarden CI/CD pipeline to temporarily distribute malicious packages via npm.
The official confirmed that Vault data was not leaked and that production systems were unaffected; only users who installed this version via npm during that time window were impacted. The official recommends that affected users immediately uninstall 2026.4.0, clear the npm cache, rotate sensitive credentials such as API Token and SSH Key, investigate abnormal activity on GitHub and in CI, and upgrade to the fixed version 2026.4.1.