Security News > 2025 > April > Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
2025-04-23 07:17
The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users' private keys. The malicious activity has been found to affect five different versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. The issue has been addressed in versions 4.2.5 and 2.14.3.
News URL
https://thehackernews.com/2025/04/ripples-xrpljs-npm-package-backdoored.html
Related news
- Ripple NPM supply chain attack hunts for private keys (source)
- Supply chain attack hits npm package with 45,000 weekly downloads (source)
- GitHub Action supply chain attack exposed secrets in 218 repos (source)
- Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed (source)
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)
- New npm attack poisons local packages with backdoors (source)
- Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks (source)
- Recent GitHub supply chain attack traced to leaked SpotBugs token (source)
- SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack (source)
- That massive GitHub supply chain attack? It all started with a stolen SpotBugs token (source)