[SlowMist Alert: NPM Supply Chain Poisoning Attack Threatens DApp Users' Asset Security] SlowMist Technology's Chief Information Security Officer, 23pds, posted on the X platform, pointing out that recently attackers have been exploiting NPM supply chain poisoning by replacing SVG files referenced by decentralized platforms with versions embedded with malicious scripts. These malicious SVG files use cross-site scripting (XSS) attacks to generate pop-ups, luring DApp users into signing operations, thereby stealing user assets. SlowMist advises developers and users to strengthen security measures to prevent asset losses caused by supply chain vulnerabilities.

[Hong Kong SFC Proposes Stricter Compliance Requirements for Financial KOLs] The Hong Kong Securities and Futures Commission (SFC) plans to issue guidelines to licensed institutions, standardizing the hiring of financial KOLs and the use of digital platforms for promotion. The proposed regulations would require brokers to conduct due diligence on KOLs, assessing their background, credibility, and experience, as well as continuously monitoring their activities to ensure content is accurate and not misleading, while preventing potential market manipulation. Informal consultations with the industry are currently underway.

[Whale Loses Over $43 Million in a Single Month and Shorts Ethereum Again] According to monitoring by EmberCN, a whale who previously lost $35.84 million by going long on ETH and $7.5 million by shorting BTC has recently shifted to shorting ETH. The whale opened a short position of 5,432 ETH (approximately $24.5 million) at a price of $4,485, with a liquidation price of $4,594. Over the past month, this whale has accumulated losses totaling $43.33 million, and the current address balance is less than $1 million.

[Yala to Destroy Illegally Minted YU Tokens on September 23] Yala has released a follow-up report on the attack incident, stating that hackers exploited a temporary deployment key to establish an unauthorized cross-chain bridge, causing the YU token to briefly depeg. The hackers have returned 22,287,000 YU tokens, though some funds remain scattered across multiple wallets. Yala plans to destroy the illegally minted YU tokens on September 23, restore the 1:1 USDC exchange ratio, and compensate users who suffered losses due to the depegging. Currently, the official team is cooperating with law enforcement to track the hackers.

Bitget WLD/USDT's perpetual trading volume surged 6 times within 10 minutes, with a turnover of 82.62 million US dollars in the past 24 hours, an increase of 1.33% A surge in trading volume generally indicates an increase in market trading activity or large-scale fund buying and selling operations, which may be caused by certain important market changes or news announcements. According to AiCoin data, the comprehensive ranking of Bitget contracts ranks fourth globally