Security News > 2025 > April > Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
2025-04-23 07:17
The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users' private keys. The malicious activity has been found to affect five different versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. The issue has been addressed in versions 4.2.5 and 2.14.3.
News URL
https://thehackernews.com/2025/04/ripples-xrpljs-npm-package-backdoored.html
Related news
- Ripple NPM supply chain attack hunts for private keys (source)
- Supply chain attack hits npm package with 45,000 weekly downloads (source)
- Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks (source)
- Magento supply chain attack compromises hundreds of e-stores (source)
- Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack (source)
- RVTools hit in supply chain attack to deliver Bumblebee malware (source)
- DragonForce ransomware abuses SimpleHelp in MSP supply chain attack (source)