Crypto Users Warned to Stop Transacting because of Massive Exploit - Decrypt
Many crypto users could be at risk of having their funds stolen following the discovery of compromised JavaScript code packages.
NPM is a prominent package manager for JavaScript, and Ledger CTO Charles Guillemet said on X that the entire programming language’s ecosystem could be vulnerable after a reputable developer’s account, qix, was compromised, potentially spreading a malicious payload to various websites.
“The malicious payload works by silently swapping crypto addresses on the fly to steal funds,” he said, adding that compromised packages have been downloaded more than 1 billion times. Guillemet added that funds on "potentially all chains" could be vulnerable to the exploit.
Blockchain security firm Blockaid said on X that the compromise impacts around two dozen popular packages, such as “color-name” and “color-string.” NPM hosts packages of reusable code that users can integrate into their projects, which are written by others.
NPM later appeared to disable the compromised packages, software developer, Cygaar, added. However, he encouraged developers to still check their dependencies, noting that they could’ve downloaded a compromised package before the change was made.
The sentiment was echoed by the author of a post that Guillemet linked to on X, which stated that they are “actively working with the NPM security team to resolve the issue” and that the malicious code had been removed from most of the affected webpages.
How it impacts you? If you’re sending or receiving any sort of Crypto right now, or use NPM, please be diligent. Double check the address you’re sending any crypto to, which is good practice anyways. For time being, however, it’s very pivotal.
Venezuela Turns to Stablecoins to Battle Hyperinflation - CoinTelegraph
Stablecoins like Tether’s, USDT, have become the de facto currency for millions of people in Venezuela as the country’s annual inflation rate surges to 229%.
USDT, often referred to locally as “Binance dollars,” is now widely used across Venezuela for everything from groceries and condo fees to salaries and vendor payments, Mauricio Di Bartolomeo, who fled Venezuela before co-founding Ledn in 2018, told Cointelegraph.
The bolívar, Venezuela’s national currency, is largely dead in daily commerce. Hyperinflation, strict capital controls, and a fractured exchange rate drive a growing preference for stablecoins over cash or local bank transfers.
Other countries following a similar pattern are Argentina, Turkey and Nigeria, where locals are turning to stablecoins amid soaring inflation.
How it impacts you? This was a prime reason why Bitcoin and cryptocurrencies were created: to battle inflation, and now it’s actually playing out in the real-world. The U.S. is also buying into Stablecoins in an attempt to battle its $37 trillion national debt.
