XRP Ledger developer kit compromised with backdoor to steal wallet private keys

Aikido Security disclosed a vulnerability in the XRP Ledger’s (XRPL) official JavaScript SDK, revealing that multiple compromised versions of the XRPL Node Package Manager (NPM) package were published to the registry starting April 21. The affected versions, v4.2.1 through v4.2.4 and v2.14.2, contained a backdoor capable of exfiltrating private keys, posing a severe risk to […]