According to Foresight News, SlowMist founder Yu Xiang recently tweeted that the Lightning Network is vulnerable to a sandwich attack similar to the one found in MEV (Miner Extractable Value). This type of attack involves trapping the target's funds by attacking them from both sides. However, the attack is not easy to exploit and requires certain conditions to be met: opening two channels on the victim; routing payment through one of these channels; successfully replacing the victim's HTLC-timeouts blocks; and the victim not discovering the HTLC pre-image transaction.
To mitigate this risk before it is fixed, projects using the Lightning Network should be cautious when establishing channels with upstream and downstream partners. It is recommended to establish channels with reputable partners to reduce the risk of being sandwiched. Further testing and verification are needed to determine the effectiveness of these measures.