Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
More
A massive supply chain breach has compromised over 400 NPM packages in what security researchers are calling a worm-style propagation attack. The incident specifically targeted critical infrastructure, affecting major ENS libraries and several widely-used crypto development tools. Attackers managed to exfiltrate developer authentication credentials along with private wallet keys, potentially exposing both project codebases and user funds. The attack vector appears to leverage dependency chains, allowing malicious code to spread automatically across connected packages. Development teams relying on affected libraries are urged to rotate credentials immediately and conduct thorough security audits of their deployment environments.
---
No wonder so many projects have gone wrong recently, it turns out the entire Supply Chain has been infiltrated
---
Wallet Private Key has been exposed? Oh my god, who would dare to use it now?
---
dependency is indeed a ticking time bomb, one bad package can cause a chain reaction
---
Now I have to change passwords and audit, the development team is probably going to collapse these days
---
This worm-like propagation is really hard to defend against, the security of npm's ecosystem definitely needs reflection.