Buy Crypto
Pay with
USD
USD
Buy & Sell
Hot
Supports Visa, MasterCard, SEPA & more
P2P
0 Fees
Flexible trading, zero fees
Gate Card
Use your crypto for payments worldwide
Markets
Trade
Basic
Advanced
Futures
Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Earn
Launch
CandyDrop
tag
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Investment
Square
Square
Post, share, and explore crypto trends
Live
moments live
Live crypto market analysis
Chat
Chat with crypto traders
News
What is happening in crypto
flower_head
More
Promotions
AI
Diğerleri
TradFi
Rewards
Square
Latest
Hot
News
Profile
DappDominatorvip

A popular no-code app builder left 170 applications vulnerable to data exposure through inadequate row-level security implementation. The incident reveals a critical gap: many developers building on these platforms lack the coding expertise to properly implement security controls. As a result, user emails, API keys, and payment information were accessible to unauthorized parties.



The security audit mechanism proved insufficient—it merely verified that security policies existed on paper, never validating whether those policies actually functioned in production. This creates a false sense of confidence.

The issue underscores a broader problem in the Web3 development landscape: the barrier to entry has lowered dramatically, but security best practices haven't kept pace. Developers using abstraction tools need proper security frameworks baked into the platform itself, not just compliance checkboxes. For projects handling sensitive data or financial transactions, this is a hard lesson in why code review and security testing can't be automated away entirely.
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 4
  • Repost
  • Share
Comment
Add a comment
Add a comment
PrivateKeyParanoiavip
· 01-08 21:07
Low-code platforms are truly a double-edged sword; lowering the barriers has led to more security issues.

The so-called compliance on paper really should be stopped; it needs to be tested with real guns and live ammunition.

170 applications exposed directly; it seems like incidents like this are happening more and more frequently.
View OriginalReply0
ForkPrincevip
· 01-07 16:00
This is the common problem with low-code platforms: the entry barrier is lowered, but security hasn't kept up. Who will foot the bill for the 170 projects that exploded?
View OriginalReply0
TokenomicsTrappervip
· 01-07 16:00
nah this is textbook greater fool theory playing out in real time... "security audit" that doesn't actually test production? lmao. called this months ago when everyone was rushing no-code garbage into mainnet without reading a single line
Reply0
failed_dev_successful_apevip
· 01-07 15:59
170 apps fall together, daring to sleep soundly on paper security? This is the ceiling of no-code.

Everyone wants to go live quickly, but few really care about the pitfalls behind it.

Audits are almost useless... Just looking at documents without actual operation, I know this routine too well.

Web3 has lowered the barriers, but security awareness hasn't kept up; sooner or later, there will be a price to pay.

Automated testing can't really save people; someone who understands still needs to review it manually.
View OriginalReply0

  • Pin

Sitemap