The XRP Ledger Foundation has flagged a critical security vulnerability in its official JavaScript library — a tool widely used by developers to interact with the XRP Ledger blockchain.
The discovery, disclosed on April 22, has raised fresh concerns about supply chain risks in the crypto ecosystem.
Blockchain security firm Aikido revealed in a blog post that the open-source JavaScript package had been infiltrated by advanced attackers who embedded a backdoor capable of harvesting private keys and accessing users’ crypto wallets. Given the library’s widespread integration across hundreds of thousands of applications and websites, Aikido warned the breach could pose a “potentially catastrophic” threat to the broader cryptocurrency landscape.
Despite the severity of the exploit, the XRP Ledger Foundation acted swiftly, upgrading the codebase to eliminate the compromised version. The Foundation also confirmed that key ecosystem projects — including XRPScan, First Ledger, and Gen3 Games — were not affected by the breach.
Interestingly, the XRP token appeared unfazed by the news, closing over 3.5% higher in U.S. trading hours on April 22, per data from CoinGecko. The token currently boasts a market capitalization exceeding $125 billion, with a fully diluted valuation around $215 billion.
Established in 2012, the XRP Ledger is one of the longest-standing blockchain networks, catering primarily to payment solutions and institutional DeFi applications. Its growing relevance in the current crypto landscape has been fueled by a more favorable U.S. regulatory climate, particularly following pro-crypto President Donald Trump’s election victory in November. Since then, the XRP token has skyrocketed by more than 300%, with multiple asset managers now lobbying the U.S. Securities and Exchange Commission (SEC) to greenlight XRP-based exchange-traded funds (ETFs).
Adding to the token’s momentum, Coinbase launched XRP futures contracts on its U.S. derivatives exchange just a day before the breach disclosure, signaling continued institutional interest despite ongoing security challenges.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
