XRP Ledger engineers have seemingly addressed the concern by releasing updated versions of the code to “override the compromised packages and recommend that anyone using the impacted JavaScript libraries (v4.2.1-4.2.4 and v2.14.2) update immediately. The team also said it would release a post-mortem of the issue once it had a better understanding of how it was released.

Quote

Sources

XRP Ledger Foundation discloses 'serious vulnerability' in recently updated version of XRPL JavaScript library