News

CSO Online3h
Hackers booby trap NPM with cross-language imposter packages
Developers adept at multiple coding languages are tricked into installing a familiar-sounding package from within the Node ...
Ripple NPM supply chain attack hunts for private keys
Targeting NPM is an increasingly popular method of launching supply chain attacks for cybercriminals, primarily because of ...
Malicious PyPI packages abuse Gmail, websockets to hijack systems
Seven malicious PyPi packages were found using Gmail's SMTP servers and WebSockets for data exfiltration and remote command ...
Ripple's recommended XRP library xrpl.js hacked to steal wallets
The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and ...
Ripple cryptocurrency software library hit by major security issue, wallets under threat
A malicious actor used a compromised Ripple dev account to publish commits to NPM The commits would grant access to people's ...
CoinDesk14d
XRP Ledger Bug Patched After 'Serious' Flaw Spotted in XRPL Library
The issue only affects versions of Node Package Manager (NPM), a site where developers share reusable code for projects.
Security Boulevard7d
Revived CryptoJS library is a crypto stealer in disguise
An illicit npm package called 'crypto-encrypt-ts' may appear to revive the unmaintained but vastly popular CryptoJS library, ...
Crypto News12d
North Korea Develops Novel, More Sophisticated Methods to Target Crypto Industry
North Korean hackers are developing fresh and increasingly sophisticated methods to steal crypto funds: Zoom meetings, hiding ...
Crypto News Flash14d
XRP Ledger Foundation Flags JavaScript Security Risk—Update Required
On April 22, the XRP Ledger Foundation issued an urgent security warning regarding a critical vulnerability in its official ...
BeInCrypto14d
Hackers Target Ripple’s XRP Ledger in a Critical Supply Chain Attack
Ripple's xrpl.js package breach threatens DeFi wallets on XRP. No major thefts reported, and Ripple has deprecated the compromised version.