The XRP Ledger Foundation has identified a security vulnerability in JavaScript, necessitating an update.

A blockchain security expert from Alkido has discovered a significant flaw in the xrpl npm package version 22.20.22.26-2.26. 224 and v2104.04. On April 25, it was noted that hundreds of thousands of applications and websites exploit this package to steal private keys immediately upon the creation of a Wallet object. The XRP Ledger Foundation released an urgent security alert on April 22, highlighting a significant vulnerability in its official JavaScript library, xrpl. JavaScript utilized by developers to engage with the XRP Ledger blockchain. The vulnerability was recognized as a complex supply chain attack, where malicious code was embedded in certain versions of the xrpl. JavaScript library that could compromise the security of cryptocurrency wallets by using this package. Aikido Intel, which operates Aikido’s public threat feed utilizing LLMs to keep an eye on public package managers, identified the vulnerability. This issue pertains to specific versions of xrpl. JavaScript, particularly version 4.2.

The XRP Ledger Foundation has identified a security vulnerability in JavaScript, necessitating an update.

Crypto Today: SEC Drops Binance Case, New US Crypto Bill, Bybit’s EU Expansion

SEC Commissioner Hester Peirce Highlights Complexity of Securities Laws in Crypto Space

China Eyes Bitcoin Reserve, Sony Bank Enters Web3 – Asia Roundup

Midas Launches Tokenized US Treasury Bills on Algorand

Nigel Farage Embraces Crypto: Reform UK Becomes First British Party to Accept Bitcoin Donations

Spotting the Next Big Crypto Gem: A Practical Guide to Beating the Crowd

Related Posts