According to news on December 9, according to Scam Sniffer monitoring, most Solana wallet attackers use third-party domain names to bypass the wallet blacklist (such as registering expired DApp domain names and now exploiting XSS vulnerabilities). If the user finds that the DApp pops up a second window (or redirects) asking you to connect the wallet in another window, please double check whether it is safe.