NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors

Your AI Agents Might Be Leaking Data — Watch this Webinar to Learn How to Stop It

Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros

Google Ordered to Pay $314M for Misusing Android Users' Cellular Data Without Permission

Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams

The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users' private keys.
The malicious activity has been found to affect five different versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. The issue has been addressed in versions 4.2.5 and 2.14.3.

Headline

Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack

The Hacker News: Latest News