Researchers found a harmful Chrome extension called Crypto Copilot that secretly siphons Solana from users during transactions. It injects hidden fees into swaps on the Raydium exchange, transferring funds to an attacker's wallet without user knowledge. The extension remains available for download, despite its malicious behavior.

Upbit experienced a significant security breach, losing $37 million in Solana assets. The exchange has paused withdrawals and plans to compensate affected users using reserve assets. Details on the attack's execution remain undisclosed.

Researchers from Safety have discovered infostealer malware targeting Russian cryptocurrency developers through npm packages designed to appear legitimate. These malicious packages, which aim to extract sensitive information such as cryptocurrency credentials, are linked to servers in the USA, raising suspicions of state-sponsored activity against Russia's ransomware operators. Developers in the Solana ecosystem are advised to secure their software supply chains to mitigate these threats.

Solana recently addressed a vulnerability that allowed attackers to exploit a bug and steal tokens from users. The platform has implemented a patch to secure its network and prevent further incidents of this nature. Community members are urged to take precautions and monitor their accounts following the attack.