<ul><li>The xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack aimed at stealing users’ private keys.</li><li>Threat actors compromised the Ripple cryptocurrency npm JavaScript library xrpl.js to harvest users’ private keys.</li><li>The researchers investigated the supply chain attack and discovered that five xrpl package versions contained malicious code.</li><li>Users of the xrpl.js library are urged to update to versions 4.2.5 or 2.14.3 to mitigate risks from the recent supply chain attack.</li></ul>

The popular xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack

Discover more