solana

Drift Protocol Lost $285M Because Two People Signed the Wrong Thing

John Z Black Apr 3, 2026

Incidents & Breaches #defi #drift-protocol #solana #hack #cryptocurrency #governance

Attackers social-engineered two multisig signers and used Solana's durable nonce feature to pre-sign transactions that drained Drift Protocol. No code exploit needed.

This Malware Hides Its Command Server in the Blockchain, and Borrows Google Calendar Too

John Z Black Mar 27, 2026

Threat Intelligence #malware #blockchain #solana #developer-security #supply-chain #glassworm #npm #c2

GlassWorm targets developers through compromised npm, PyPI, and GitHub packages. Its C2 address is hidden in a Solana blockchain memo. You can't take down a blockchain transaction.