News

Malicious PyPI packages abuse Gmail, websockets to hijack systems
Seven malicious PyPi packages were found using Gmail's SMTP servers and WebSockets for data exfiltration and remote command ...
Ripple NPM supply chain attack hunts for private keys
Targeting NPM is an increasingly popular method of launching supply chain attacks for cybercriminals, primarily because of ...
The Hacker News6d
Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
xrpl.js is a popular JavaScript API for interacting with the XRP Ledger blockchain, also called the Ripple Protocol, a ...
ExtraHop® Disrupts Network Detection and Response Market with Industry’s First All-in-One Sensor
ExtraHop, a leader in modern network detection and response (NDR), today launched the industry’s first all-in-one sensor ...
Ripple's recommended XRP library xrpl.js hacked to steal wallets
The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and ...
Ripple cryptocurrency software library hit by major security issue, wallets under threat
A malicious actor used a compromised Ripple dev account to publish commits to NPM The commits would grant access to people's ...
Security Boulevard1d
Revived CryptoJS library is a crypto stealer in disguise
An illicit npm package called 'crypto-encrypt-ts' may appear to revive the unmaintained but vastly popular CryptoJS library, ...
CoinDesk8d
XRP Ledger Bug Patched After 'Serious' Flaw Spotted in XRPL Library
The issue only affects versions of Node Package Manager (NPM), a site where developers share reusable code for projects.
The Hacker News12d
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram ...
Cryptopolitan on MSN9d
XRP Ledger Foundation confirms SDK breach and issues urgent fix
Software security firm Aikodo has alerted XRP Ledger developers to a vulnerability in the XRPL software development kit (SDK) ...