Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
More
360 Responds to Security Lobster Private Key Leak: Caused by Business Mishap, Certificate for This Machine Only Has Been Revoked
Odaily Planet Daily reports that according to 1M AI News monitoring, the 360 Security Team responded to the security incident involving the OpenClaw wildcard certificate and private key leak, stating that it was a business mistake to include the internal domain certificate in the installation package. The affected certificate *.myclaw.360.cn actually resolves to 127.0.0.1, the local loopback address, used only on the user’s machine and not providing any external services.
After receiving reports from multiple security researchers, 360 has applied to revoke the certificate. The certificate is now invalid and can no longer be used for any legitimate HTTPS encrypted communication. Ordinary users are unaffected. While there remains a theoretical risk of man-in-the-middle attacks during the leak period, the actual risk is relatively limited since the certificate’s associated service only runs in the local environment.
Previous news: 360’s OpenClaw assistant installation package leaked SSL private keys; Zhou Hongyi previously promised “never to leak passwords.”