Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
More
Security alert hitting the ecosystem hard right now. A worm-based attack is tearing through multiple cryptocurrency packages, and it's not stopping there—Zapier integration tools and ENS domain services are also caught in the crossfire.
What's at stake? User credentials are being siphoned off, and there's growing concern that wallet private keys might be compromised too. The attack vector appears to be spreading through dependencies, which means the damage could be wider than initially visible.
Anyone using affected packages or connected services should assume breach protocol: rotate credentials immediately, check wallet activity for suspicious transactions, and hold off on any major transfers until the scope becomes clearer. This isn't just another phishing attempt—it's infrastructure-level compromise that could have ripple effects across projects relying on these tools.
Stay sharp out there. More details likely coming as teams investigate, but right now the priority is damage control.
Is the possibility of the private key being stolen really that high? I'm honestly worried.
I was still using Zapier yesterday, now I need to quickly check my Wallet.
This is truly an infrastructure nightmare; single point defenses are completely useless.
I'm in a panic, I have to rotate all my passwords...
Why are zero-day vulnerabilities coming one after another now? Is the ecological defense really this fragile?
Who incurred the biggest losses this time, is there any statistical data?
I feel like we need to start rectifying from the source dependency libraries, otherwise it’s impossible to defend against.
What I'm most afraid of now is that kind of silent drainage, by the time you notice, it's already gone.
Wait, am I also using these packages in my old project...
Private Key might be taken away? This time it's really ruthless, everyone hurry up and check your Wallet.
If the chain breaks, the entire ecosystem will suffer, that's the scariest part.
ENS also got hit? How many projects are going to be affected...
Stop bragging, it's time to hard switch to crypto, don't wait for an official statement.
This is clearly not the kind of fishing that is easy to handle, the destructive power at the infrastructure level is really extreme.
Pause the transfers for now, let's wait until the noise dies down before proceeding.
---
Infrastructure-level destruction, this is a big problem, who still dares to trust third-party tools
---
Everyone hurry up and change your passwords, I've already transferred the bulk to a cold wallet
---
Once the dependency chain collapses, it all falls apart, I've said before that this shouldn't be stacked up like this
---
Zapier also got hit? They really want to destroy us
---
Let's wait and see what happens next, I guess all the major teams are busy cleaning up right now
---
Losing credentials doesn't feel like the worst part, if the private key is really... then it's over
---
Is there anyone who knows the exact list of affected packages? Let's pull up the blacklist
---
We need to keep a close eye on wallet activities, it's the easiest time to get trapped
---
Indeed, there is nothing safe, only relatively safe operations.
---
Another supply chain attack... when can we live a good life?
---
The private key might be exposed? I'm panicking directly.
---
Quickly move your stuff to the cold wallet, everyone, or it will really be over.
---
ENS has been affected too? This time, a wave of suckers will be played for sure.
---
Infrastructure-level... this is much worse than simple phishing.
---
Why is it always through dependencies? How do we defend this time?
---
I feel like I have to rotate my password every month, it's so annoying.
---
When will Zapier fix their issues? I don't even dare to connect now.
---
This is the real black swan moment, right?
---
Calm down, first check the transaction history before saying anything else.