News

The Register on MSN7d
Ripple NPM supply chain attack hunts for private keys
A mystery thief and a critical CVE involved in crypto cash grab Many versions of the Ripple ledger (XRPL) official NPM ...
The Hacker News5d
Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
xrpl.js is a popular JavaScript API for interacting with the XRP Ledger blockchain, also called the Ripple Protocol, a ...
Security Boulevard17h
Revived CryptoJS library is a crypto stealer in disguise
An illicit npm package called 'crypto-encrypt-ts' may appear to revive the unmaintained but vastly popular CryptoJS library, ...
ExtraHop® Disrupts Network Detection and Response Market with Industry’s First All-in-One Sensor
ExtraHop, a leader in modern network detection and response (NDR), today launched the industry’s first all-in-one sensor ...
Ripple cryptocurrency software library hit by major security issue, wallets under threat
A malicious actor used a compromised Ripple dev account to publish commits to NPM The commits would grant access to people's ...
Ripple's recommended XRP library xrpl.js hacked to steal wallets
The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and ...
CoinDesk7d
XRP Ledger Bug Patched After 'Serious' Flaw Spotted in XRPL Library
The issue only affects versions of Node Package Manager (NPM), a site where developers share reusable code for projects.
Crypto News7d
Hacker Tries to Attack XRP Ledger Using Developer Access, Security Team Stops It
A security crisis was avoided after a hacker exploited a developer’s access token to inject malicious code into a toolkit ...
The Hacker News11d
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram ...