Binance Square

GoPlus Security 🚦 Re-poster

Protect Your Every Transaction. User App: https://t.co/FHHKZyzH1j 🛡️ Dev Integration: Security Intelligence & SafeToken Protocol 🛡️
The prediction market sector is expanding rapidly, yet participants continue to face a pair of persistent challenges. First, there is the potential for outcome manipulation. Certain markets depend on declarations from just one organization, which makes it difficult to spot risks ahead of time. Second, settlement guidelines are often confusing and deceptive. These regulations can be overly lengthy, ambiguous, or conceal critical stipulations.

To solve these problems, the latest update to the GoPredict plugin brings three brand-new capabilities. The Manipulation Risk Analysis tool evaluates if a single group has the power to dictate the final result of a market. Meanwhile, the Rule Risk Alerts function utilizes artificial intelligence to review market guidelines, highlighting any subjective terminology, abnormal settlement terms, or buried clauses. Finally, Plain-Language Tag Explanations take complicated metrics, such as market imbalance and liquidity, and break them down into easily understandable terms.

Ultimately, GoPredict is enhancing the prediction market landscape by delivering elevated transparency for rules, a better understanding of potential risks, and a solid foundation for making safer decisions. You can experience these improvements firsthand by installing the #GoPlus plugin and testing out GoPredict today.
Latest Updates to the GoPlus GoPredict Plugin

The popularity of prediction markets is expanding rapidly, yet participants continue to face a pair of persistent challenges. First, there is a vulnerability to outcome manipulation. Certain markets depend entirely on statements from an individual organization, which creates unforeseen hazards that are difficult to spot ahead of time. Second, the guidelines governing these markets are often confusing and deceptive. The terms for settlement can be excessively lengthy, ambiguous, or conceal critical stipulations.

To resolve these ongoing problems, GoPredict has rolled out three innovative capabilities.

The first addition is Manipulation Risk Analysis, which evaluates the market to determine if a solitary group holds the power to dictate the final result.

Next, through Rule Risk Alerts, artificial intelligence reviews the market guidelines to highlight any obscure provisions, subjective wording, and atypical terms for settlement.

Finally, the Plain-Language Tag Explanations function takes complicated metrics, such as market imbalance and liquidity, and breaks them down into easily understandable descriptions.

By implementing these enhancements, GoPredict ensures that prediction markets offer improved transparency in their regulations, easily identifiable risks, and a more secure environment for making choices. You can experience these benefits firsthand by installing the GoPlus plugin and exploring GoPredict today.
Artificial intelligence agents possess the powerful ability to access your files, execute transactions, and control your assets. However, a significant problem arises when users install new capabilities without entirely understanding their underlying functions, allowing potential risks to escalate rapidly.

To gauge the reality of this threat, we carried out a complete static analysis on the 100 most frequently downloaded Skills available in the ClawHub ecosystem. The findings were highly alarming. While 62% of the tools successfully passed our checks, 17% were identified as medium risk and 21% were flagged as high risk. This data reveals that 1 in 5 popular Skills contains dangerous capabilities. Some of the most critical vulnerabilities discovered include automated external requests, sensitive API access, and network tunneling.

To combat this growing issue, we are incredibly proud to present #GoPlus SafuSkill, a dedicated, security-first marketplace designed specifically for AI Agent Skills.

Built directly on @BNBCHAIN, this platform establishes a security-first infrastructure for the entire AI Agent ecosystem. SafuSkill conveniently unifies robust developer tools, rigorous security scanning, and an easy-to-use interface for Skills discovery and browsing all in one single hub.

Experience a safer way to upgrade your digital tools and try it now.
🚀Introducing #GoPlus SafuSkill
— A Security-First Skills Marketplace

We conducted a full static analysis of the top 100 most frequently downloaded Skills in the ClawHub ecosystem.

The results were alarming:

🔴 21% High Risk
⚠️ 17% Medium Risk
✅ 62% Passed

Which means:

1 in 5 popular Skills contains dangerous capabilities.

For example:

- Network tunneling
- Sensitive API access
- Automated external requests

The problem is:

AI Agent Skills can:

- Access your files
- Execute transactions
- Control your assets

When users install Skills without fully understanding what they do, the risk can quickly escalate.

That’s why #GoPlus introduces:

🛡️ GoPlus SafuSkill

The security-first marketplace for AI Agent Skills.

SafuSkill is built on @BNBCHAIN, bringing together Skills browsing and discovery, security scanning, and developer tools to provide security-first infrastructure for the AI Agent ecosystem.

👉Try it now →
Important Notice from GoPlus Security

We want to share a critical safety update with our community. An unfortunate incident recently took place in which a cryptocurrency user lost approximately $53K in PAXG. This theft happened because the individual unknowingly authorized a harmful #Approve request, granting a phishing scammer the necessary access to sweep the funds.

For transparency and tracking, the impacted wallet is 0x073B9767C6cC34E289692B973Da6b2312562eC0C.

Please remain highly vigilant and avoid any interaction with the following addresses, which are directly associated with the attacker:
0xAfb2423F447D3e16931164C9970B9741aAb1723E
0x6fE314fD4CF845f35fc461eD98e2FB8d9356B566
0xf1A50bbebA19a85dB20432c6c201aa89604dfd2B
0x1b4e4AC5f5E2eDf843F79123c52C3a2589AC1589

To ensure your digital assets remain protected, we strongly suggest keeping a few vital safety measures in mind. Always adhere to the #GoPlus Anti-Phishing 4 Don'ts: Don't click, don't install, don't sign, and don't transfer.

Additionally, you can greatly enhance your defenses by equipping your browser with the GoPlus Security plugin. This helpful tool constantly monitors your activity to instantly intercept and block malicious phishing links, dangerous signatures, risky approvals, and suspicious transactions in real time.
Important Update from GoPlus Security

We want to share a recent incident to help you stay safe in the digital space. An individual recently lost about $53K in PAXG. This unfortunate event happened because the user authorized a fraudulent #Approve request, which granted a phishing attacker the access needed to move the assets out of the wallet.

For transparency and tracking, the affected victim address is:
0x073B9767C6cC34E289692B973Da6b2312562eC0C

The funds were connected to the following phishing addresses:
0xAfb2423F447D3e16931164C9970B9741aAb1723E
0x6fE314fD4CF845f35fc461eD98e2FB8d9356B566
0xf1A50bbebA19a85dB20432c6c201aa89604dfd2B
0x1b4e4AC5f5E2eDf843F79123c52C3a2589AC1589

Essential #GoPlus Safety Guidelines

To protect yourself from similar threats, we highly encourage you to follow the #GoPlus Four Don'ts Anti-Phishing Principle. Simply put: do not click, do not install, do not sign, and do not transfer.

Breaking this down further into everyday practice:
Please avoid clicking on any unfamiliar links.
Never download or install software from sources you cannot verify.
Do not authorize or sign any wallet transactions if the details are confusing or unclear.
Refrain from sending funds to any address that has not been thoroughly checked.

To effortlessly enhance your safety, consider downloading the GoPlus Security plugin. This helpful tool provides real-time defense by instantly blocking phishing web links, dangerous approval requests, risky signatures, and suspicious transactions before they can cause harm.
🚨 GoPlus Security Alert:

A user lost approximately $53K worth of PAXG after signing a malicious #Approve transaction, allowing the phishing attacker to transfer the funds.

Victim Address:
0x073B9767C6cC34E289692B973Da6b2312562eC0C

Phishing Addresses:
0xAfb2423F447D3e16931164C9970B9741aAb1723E
0x6fE314fD4CF845f35fc461eD98e2FB8d9356B566
0xf1A50bbebA19a85dB20432c6c201aa89604dfd2B
0x1b4e4AC5f5E2eDf843F79123c52C3a2589AC1589

🛡 #GoPlus Security Tips:
Remember the #GoPlus “Four Don’ts” Anti-Phishing Principle — Don’t click, don’t install, don’t sign, don’t transfer:
Don’t click unknown links
Don’t install software from unverified sources
Don’t sign unclear wallet transactions
Don’t transfer funds to unverified addresses
Install the GoPlus Security plugin to block phishing links, risky signatures, approvals, and transactions in real time 👉
Urgent Update from GoPlus Security

Please be on high alert regarding fraudulent installers appearing as the primary advertisements or results on Google Search when looking for #ClaudeCode.

Cybercriminals are currently exploiting Google ads to distribute malware through a site that acts as a pixel-perfect clone of the legitimate installation page. If this software is deployed on your device, it has the capability to exfiltrate a wide range of private data, including your crypto wallets, session tokens, system information, cookies, passwords, and other credentials.

To protect yourself, please adhere to these #GoPlus safety guidelines:

1. Scrutinize Website Links and Ad Labels
Always check if a search result is tagged as an Ad. Furthermore, you should closely examine the URL to detect any slight deviations from the authentic website address.

2. Cross-Reference Information Sources
Do not depend solely on a single search engine result. It is best to validate installation procedures by consulting trusted platforms, such as official GitHub repositories, authorized social media accounts, and the project's formal documentation.

3. Evaluate Commands Before Execution
Refrain from running any commands that look unfamiliar. Ensure you fully comprehend the function of a command before you allow it to execute.

4. Enable the GoPlus Security Plugin / Skill
Equip yourself with dual-layer protection designed to automatically prevent sensitive file writing and block dangerous commands. For immediate defense against phishing sites, risky signatures, unauthorized approvals, and malicious transactions, visit: https://t.co/FHHKZyzH1j
GoPlus Security Update: An exploit targeting #Gondi has led to approximately $230K in losses

We have detected a security breach involving @gondixyz, an NFT liquidity protocol operating on the #ETH network. This incident facilitated the unauthorized transfer of multiple NFTs, resulting in total estimated damages of ~$230K.

To protect your assets, it is crucial that you check your wallet settings. If you have previously authorized the contract address 0xc10472ac1bf9f2e58ff2c83596b4535334c90814, please revoke these permissions immediately.

Below are the specific details identifying the entities involved in this event:

The Perpetrator's Address:
0x8D171c74c85CD2Ec9F38143Dd5d8a7c89DF47051

The Malicious Contract Used:
0xe95e3cfC4939D6D98DBDa31AAfE950c3Ee84d73c

The Affected Contract:
0xc10472AC1BF9F2E58Ff2C83596b4535334c90814

You can review the associated transaction history here:
https://t.co/JAiFXWU1x1
GoPlus AI Security Update: Silent AI Installations Breach More Than 4,000 Devices

A concerning security event has resulted in over 4,000 devices inadvertently downloading OpenClaw. Malicious actors achieved this widespread compromise solely by creating a GitHub Issue that contained a payload designed for prompt injection.

This occurrence sheds light on an emerging threat category: the recursive AI supply chain attack. The vulnerability exploits the confidence developers place in established utilities, such as Cline. In this specific scenario, once Cline was successfully manipulated, it automatically deployed a secondary application, OpenClaw. This secondary tool functions autonomously and is capable of executing high-privilege operations, including the running of shell commands and the retrieval of sensitive credentials.

The most alarming aspect of this breach is the stealth involved. Because users trust the primary tool, they remain completely unaware of the secondary tool's presence. If a future iteration of this attack were to substitute the secondary tool for genuine malware or a backdoor, the consequences could be devastating.

#GoPlus Security Advice:
The Clinejection event stands as a critical alert for the development community. We strongly suggest utilizing isolated workspaces, such as virtual machines or sandboxes, whenever you are running AI agents or engaging in AI-assisted coding. Furthermore, it is essential to enhance security oversight regarding how agents execute tasks. Improved monitoring is necessary to block novel attack strategies from quietly deploying malicious software onto your systems.

Read more:
Important Security Update from GoPlus AI:

We have identified a stealthy exploit where artificial intelligence creates a recursive loop to install further AI software without detection. This specific attack has already affected over 4,000 devices, leaving the developers who own them completely unaware of the breach.

The method involved attackers submitting a standard GitHub Issue containing a hidden prompt injection payload. This action forced the user devices to unintentionally install OpenClaw. This situation brings to light a fresh danger in the realm of recursive AI supply chain attacks.

Here is how the chain of trust was broken: Developers placed their confidence in a primary tool called Cline. Once Cline was compromised by the payload, it automatically installed a secondary tool, OpenClaw. This secondary program runs autonomously and is capable of high-privilege activities, including accessing credentials and executing shell commands.

The critical danger lies in the blind spot created by the trusted tool. Users may never realize the second tool exists. If a future attack replaces OpenClaw with actual malware or a backdoor, the consequences could be severe.

#GoPlus Security Recommendation:
The Clinejection incident is a significant wake-up call. To stay safe, we strongly recommend that developers operate within isolated environments, such as virtual machines or sandboxes, when running AI agents or performing AI-assisted coding. Furthermore, please enforce stricter monitoring of agent execution processes to ensure no unauthorized software is silently deployed to your equipment.

Discover the full details here:
Security Update from GoPlus AI: Over 4,000 Devices Affected by Silent AI Installation

Through the submission of a GitHub Issue containing a prompt injection payload, attackers successfully manipulated more than 4,000 devices into unintentionally installing OpenClaw. This occurrence brings to light a novel risk involving recursive AI supply chain attacks. The vulnerability exploits the trust developers have in a tool named Cline. After Cline was compromised, it facilitated the installation of a second tool, OpenClaw, which functions independently and is capable of high-privilege operations like credential access and shell command execution.

The most alarming aspect of this scenario is that because users trust the primary tool, the installation of the secondary software often goes undetected. Should this secondary tool be replaced with actual malware or a backdoor in the future, the consequences could be severe.

#GoPlusSecurity Recommendation:
Developers should view the Clinejection incident as a significant warning. We strongly suggest employing isolated environments, such as sandboxes or virtual machines, whenever running AI agents or performing AI coding. In addition, it is crucial to bolster security monitoring around agent execution processes to prevent sophisticated attack methods from silently implanting malware on hardware.

Read more:
🛡️Did OpenClaw Just Compromise Its Own Security?

— If you are utilizing 🦞#OpenClaw for your testing or software development needs, please exercise caution regarding AI errors that could result in the exposure of secret keys!

During a recent event, OpenClaw attempted to generate a GitHub Issue by employing a system tool that invokes exec to process Shell commands. Unfortunately, the AI formulated a flawed Bash command. This error triggered an accidental Bash injection attack targeting OpenClaw's own host machine. Consequently, more than 100 lines of critical environment variables—comprising authentication tokens, Telegram keys, and other secrets—were embedded directly into the GitHub Issue body and released to the public.

The breakdown of the failure is as follows:

1. The AI produced a text string enclosed in double quotes intended for the GitHub platform.

2. Within that string, the word set appeared between backticks. Bash interprets text inside backticks as a command substitution. Therefore, rather than treating the word simply as text, the system silently ran it as a subcommand.

3. When the command set is run in Bash without specific arguments, it automatically displays every current environment variable.

4. Because OpenClaw processed this command, the system concatenated over 100 lines of essential environment variables into the text of the GitHub Issue and posted the information publicly.

#GoPlusSecurity suggests the following protective measures:

- Opt for direct API calls rather than permitting AI to construct Shell commands manually.
- Implement the principle of least privilege while ensuring environment variables are kept strictly isolated.
- Turn off risky execution modes and verify that appropriate filters and escaping mechanisms are in place.
- Incorporate human-in-the-loop confirmation steps for any high-stakes actions.

For more details:
Did OpenClaw just compromise its own security?

Users deploying #OpenClaw for development or software testing purposes should remain vigilant, as operational errors by the AI could result in the accidental leakage of secret keys.

During a recent event, OpenClaw unintentionally launched a Bash injection attack against its own host system. This occurred while the AI was utilizing a system tool, specifically calling exec to execute Shell commands, in an attempt to create a GitHub Issue. Unfortunately, the Bash command was constructed incorrectly. This error caused the direct insertion and public publication of more than 100 lines of extremely sensitive environment variables, including authentication tokens and Telegram keys, right into the body of the GitHub Issue.

Here is a breakdown of the technical failure:

1. The AI formulated a string intended for GitHub, enclosing it within double quotes.

2. This string contained the word set enclosed in backticks. In the Bash environment, backticks are interpreted as a command substitution.

3. Consequently, the system did not process set as mere text but instead executed it silently as a subcommand. Since running set without arguments instructs Bash to print all existing environment variables, the system complied.

4. OpenClaw executed the command, causing over 100 lines of core environment variables to be concatenated into the text of the GitHub Issue and posted for public view.

#GoPlusSecurity Recommendations:

- It is safer to rely on API calls rather than permitting the AI to build Shell commands directly.
- Adhere to the principle of least privilege and maintain strict isolation for environment variables.
- Implement proper filters and escaping while disabling risky execution modes.
- Require human-in-the-loop verification for any critical actions.

Further reading:
🛡️Did OpenClaw accidentally hack itself?

— When using 🦞#OpenClaw for software development or testing, beware of AI misoperations that may lead to secret key leaks!

In this incident, OpenClaw used a system tool (calling exec to run Shell commands) to create a GitHub Issue, but it constructed an incorrect Bash command. This caused OpenClaw to unintentionally perform a Bash injection attack on its own host device, resulting in over 100 lines of highly sensitive environment variables (including Telegram keys, authentication tokens, etc.) being directly inserted into the GitHub Issue content and publicly published.

Details:

1. AI generated a string wrapped in double quotes "" intended for GitHub.

2. The string contained a word wrapped in backticks: `set`, which Bash interprets as a “command substitution.” As a result, Bash didn’t treat set as plain text but executed it silently as a subcommand.

3. In Bash, running set with no arguments prints all current environment variables.

4. OpenClaw executed set, and over 100 lines of core environment variables were concatenated into the GitHub Issue text and publicly posted.

#GoPlusSecurity Recommendations:

- Prefer API calls instead of letting AI directly build Shell commands.
- Apply the principle of “least privilege” and strictly isolate environment variables.
- Disable dangerous execution modes and ensure proper escaping/filters.
- Introduce human-in-the-loop verification for critical operations.

Further reading:
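
The quoting failure described in the three OpenClaw posts above, next to the first two recommendations (pass the text as data rather than building a shell command, and isolate environment variables), as an added shell example that is not OpenClaw's or GoPlus's code. `DEMO_TOKEN`, `BODY` and the `render_*` functions are constructed for illustration, and `printf` stands in for the tool that would post the issue.

```shell
#!/bin/sh
# Constructed demo values: a fake secret in the environment, and an issue body
# of the kind described above (Markdown backticks around the word "set").
DEMO_TOKEN='constructed-demo-secret'
export DEMO_TOKEN
BODY='Run `set` to list the shell options'

# UNSAFE (the failure pattern): the body is pasted into a double-quoted command
# string that a second shell parses. That shell sees `set` as a command
# substitution, runs it, and splices every variable into the text.
render_unsafe() {
    sh -c "printf '%s' \"$1\""
}

# SAFE: the command string is a fixed literal and the body travels as an
# argument ($1 of the child shell), so it is data and is never re-parsed.
render_safe() {
    sh -c 'printf "%s" "$1"' sh "$1"
}

# DEFENCE IN DEPTH: same unsafe pattern, but the child gets an empty
# environment except PATH. The substitution still runs (the quoting bug is not
# fixed); there is simply no secret left for it to print.
render_scrubbed() {
    env -i PATH="$PATH" sh -c "printf '%s' \"$1\""
}

# True when the rendered text contains the demo secret.
leaks_secret() {
    case "$1" in
        *"$DEMO_TOKEN"*) return 0 ;;
        *) return 1 ;;
    esac
}

for mode in unsafe safe scrubbed; do
    if leaks_secret "$(render_$mode "$BODY")"; then
        echo "$mode: secret leaked into issue body"
    else
        echo "$mode: no secret in issue body"
    fi
done
```

Only `render_safe` returns the body unchanged; `render_scrubbed` still returns the child shell's variable listing in place of the word, which is why environment isolation complements correct argument passing but does not replace it.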
GoPlus Security Warning:

Please remain vigilant regarding emerging honeypot risks on the BSC network, specifically involving tokens like #4Agent. We have confirmed that the Gork4.2-themed token, #4AGENT (contract address 0x15eadc6a76ebe63758ca917a0a1f526b00ca1111), is operating as a honeypot. Unfortunately, this scheme has already entrapped smart money investors and KOLs, resulting in collective losses amounting to 170 #BNB, or approximately $100,000.

The malicious developer, who is operating under the address 0xc7a15250ef489f2ba958b250baefa820a65855fe, has already begun dispersing the stolen funds. Specifically, 123.7 #BNB was transferred to the wallet 0xFcc7873C52AE1ADA55a01d6c2976dB381C514EB5. Additionally, another 46 #BNB was swapped for #ETH through Orbiter and subsequently bridged to 0x96f4885d32ffc2b6ba9e429ac777440e3df7e775.

Tracing the funds reveals that the developer's initial capital originated from #Bitget. Further investigation into cross-chain history connects this same developer to two similar unverified malicious projects launched in the past: 0x4C2F9c8dD68bE5B137E5dB2116D0B44d7197e2eD (DEBOT) and 0xf46bd4c8A725e5650F927E35b55c3DBACA9CDF2d (U Lottery).

To safeguard your assets against honeypot scams, we strongly recommend reviewing the GoPlus security detection data available on your market or trading platform prior to investing in any MEME tokens.
1/ We are presenting an analysis of the vulnerability associated with the sDOLA LlamaLend Flash Loan Price Manipulation Attack. This security breach led to approximately $240,000 in losses, specifically comprising 6.74 WETH and 227,325 DOLA.

Regarding the specific mechanics of the exploit, the bad actor distorted the value of sDOLA by utilizing donations combined with flash loans. Prior to this interference, the exchange rate stood at 1.189 DOLA for 1 sDOLA. However, following the price manipulation, the cost to swap 1 sDOLA increased to 1.353 DOLA.
Important GoPlus Security Notification:

We have identified a security gap in #Chrome that permits harmful extensions to improperly gain higher access rights through the #Gemini interface. It is vital that you update your browser installation to build 143.0.7499.192 or a more recent release without delay.

Officially cataloged as CVE-2026-0628, this flaw allows malicious add-ons to take control of the Gemini Live panel. Consequently, attackers can bypass required user permissions to record audio and video via the microphone and camera, read local files, and take screenshots. Google released a patch for this issue in early January 2026. The secure releases are versions 143.0.7499.192 and 143.0.7499.193 for Windows and Mac operating systems, and version 143.0.7499.192 for Linux. Please verify your software version and perform the upgrade immediately.

Source
We are thrilled to share that $GPS has officially launched on Bithumb. In honor of this milestone, we are introducing a special QT Campaign tailored specifically for our Korean community. We invite all Web3 enthusiasts in Korea to participate by sharing a Quote Tweet in Korean to express your support. By joining, you have the opportunity to share a 200U reward pool.

Please be aware that the deadline for entries is March 6 at 4:00 PM (UTC). There will be 20 winners chosen to receive 10U each. To qualify, please follow these steps: First, post a QT in Korean and add a comment to enter the random giveaway. Second, provide your tweet link and wallet address using the submission form found at https://t.co/omn35xh0mO

Let us generate some excitement for #GoPlus #GPS on @BithumbOfficial
Exciting news is here as $GPS has officially launched on Bithumb. To mark this special occasion, we are initiating a promotional Quote Tweet event dedicated to our Korean Web3 community members. By creating a Quote Tweet using the Korean language, you have the opportunity to share in a total prize pool of 200U.

We will be selecting 20 winners, who will each be awarded 10U. Make sure to finalize your participation before the cutoff time on March 6 at 4:00 PM (UTC).

Here is how you can join the campaign: Start by posting a Quote Tweet that includes a supportive comment written in Korean. After posting, you must submit both the link to your tweet and your wallet address through our designated entry form at https://t.co/omn35xh0mO

We look forward to seeing your support for #GoPlus and #GPS on @BithumbOfficial