A mystery thief and a critical CVE involved in crypto cash grab Many versions of the Ripple ledger (XRPL) official NPM package are compromised with malware injected to steal cryptocurrency.… The NPM ...

A malicious actor used a compromised Ripple dev account to publish commits to NPM The commits would grant access to people's ...

The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server ...

XRP's xrpl.js library was compromised in a supply chain attack, exposing private keys. Ripple urges immediate update to ...

Ripple's xrpl.js package breach threatens DeFi wallets on XRP. No major thefts reported, and Ripple has deprecated the compromised version.

Researchers at Aikido run the Aikido Intel system, an LLM security monitor that ingests the feeds from public package ...

A security crisis was avoided after a hacker exploited a developer’s access token to inject malicious code into a toolkit ...

The issue only affects versions of Node Package Manager (NPM), a site where developers share reusable code for projects.

The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server ...