Summary

Collection item

Charlie Eriksen from Aikido Security discovered the April 2025 XRP Ledger security issue and described it as a potentially catastrophic supply chain attack

XRP Ledger Foundation advised all projects to upgrade immediately to version 4.2.5 of xrpl.js, which was released to mitigate the security risks identified on the compromised versions during the April 2025 incident

XRP Ledger Foundation reported that xrpl.js versions v4.2.1 through v4.2.4 and v2.14.2, hosted on Node Package Manager (NPM), were specifically impacted during the April 2025 security incident

Charlie Eriksen from Aikido Security stated that the risk of exposure in the April 2025 XRP Ledger security incident was limited to projects that installed the compromised versions of the xrpl.js library shortly within a short window

XRP Ledger Foundation identified a serious vulnerability in recent versions of the xrpl.js JavaScript library, which is used to interact with the XRP Ledger, prompting an urgent update recommendation

XRP Ledger blockchain codebase and GitHub repository remained unaffected by the April 2025 security incident involving the xrpl.js library

Data source type

Collection data source

Filter

{"where":{"AND":[{"attribute":"Jfmby78N4BCseZinBmdVov","is":"KeG9eTM8NUYFMAjnsvF4Dg"}]}}