A mystery thief and a critical CVE involved in crypto cash grab
April 23, 2025 By Connor Jones
Many versions of the Ripple ledger (XRPL) official NPM package are compromised with malware injected to steal cryptocurrency.
The NPM package, xrpl, is a JavaScript/TypeScript library that devs use to interact with and build apps using the cryptocurrency ledger's features. This includes wallet and key management, payment channels, decentralized exchange, escrow, and so on.
Xrpl receives a great deal of interest from developers; weekly downloads hit a high of more than 186,000 in April, which offers an indication of how many people may be affected by the recent compromise in the absence of a confirmed number.
