The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users’ private keys.
The malicious activity has been found to affect five different versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. The issue has been addressed in versions 4.2.5 and 2.14.3.
The original article found on The Hacker News Read More
ASUS has acknowledged multiple critical vulnerabilities affecting its routers that could allow hackers to remotely execute malicious code, thereby compromising network security and user privacy. […]
The cybersecurity landscape confounded expectations in 2024, as anticipated threats and risk didn’t materialize and less widely touted attack scenarios shot up. The original article […]
In a sophisticated onslaught targeting the open-source ecosystem, reports have emerged detailing several malicious npm packages that are nefariously exploiting the Telegram Bot API to […]