Solana is a technology platform tracked across 50 threat clusters and 132 intelligence report mentions on ThreatCluster. First observed November 8, 2025; most recent activity July 13, 2026.
On May 5, 2026, Ripple announced it will share internal threat intelligence regarding North Korean hackers with Crypto ISAC, aimed at enhancing security across the cryptocurrency industry. This initiative follows a…
Following a $285 million hack attributed to North Korean hackers, the Solana Foundation has launched two security initiatives, STRIDE and SIRN, to enhance the security of its DeFi ecosystem. STRIDE is a tiered security…
In April 2026, the cryptocurrency sector experienced a record number of hacks, predominantly attributed to North Korean state-sponsored groups like the Lazarus Group. These attacks resulted in over $625 million in…
On April 1, 2026, the Drift Protocol on Solana was exploited, resulting in over $270 million in losses, primarily in USDC. North Korean state hackers executed 31 withdrawals in a rapid 12-minute window, leading to a…
A U.S. federal court has issued a restraining notice preventing Arbitrum DAO from transferring 30,766 ETH (approximately $71.1 million) that was frozen following the Kelp DAO exploit, which resulted in a loss of $292…
Drift Protocol has rebranded as Velocity DEX following a significant exploit on April 1, 2026, where over $280 million was stolen. The attack was attributed to North Korea's Lazarus Group, which compromised multisig…
Drift Protocol, a decentralized finance platform on Solana, experienced a significant security breach resulting in a loss of approximately $270 million. The exploit affected over 15 different token types, including…
The Glassworm botnet, which has targeted software developers since early 2025, was taken down in a coordinated operation by CrowdStrike, Google, and the Shadowserver Foundation on May 26, 2026. This botnet utilized…
In a span of 24 hours, three significant cryptocurrency-related attacks were reported. Fraudsters impersonated SecondFi, creating fake browser extensions and applications aimed at stealing cryptocurrency from users.…
A new supply chain attack, dubbed 'Mini Shai-Hulud', has compromised multiple npm packages related to SAP's Cloud Application Programming Model (CAP). This attack involves injecting malicious preinstall scripts into…