The XRP community has been alerted about a serious security threat involving compromised versions of the XRPL NPM package, which has been found to contain a backdoor that steals private keys.
Versions 4.2.1 through 4.2.4 of the XRPL NPM package are specifically identified as compromised. Developers are urged to revert to version 4.2.0 to ensure the safety of their projects.
Experts from within the XRP community, including Thomas Silkjaer and infrastructure providers, emphasize the necessity to avoid using the compromised versions to protect user funds and maintain project integrity.
Leave a Reply