Many versions of the Ripple ledger (XRPL) official NPM package are compromised with malware injected to steal cryptocurrency.… The NPM package, xrpl, is a JavaScript/TypeScript library that devs ...

A malicious actor used a compromised Ripple dev account to publish commits to NPM The commits would grant access to people's crypto wallets They were downloaded around 450 times before being ...

The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server ...