No Result
View All Result
  • Login
Wednesday, July 1, 2026
theadvisertimes.com
  • Home
  • Business
  • Financial Planning
  • Personal Finance
  • Investing
  • Money
  • Economy
  • Markets
  • Stocks
  • Trading
  • Home
  • Business
  • Financial Planning
  • Personal Finance
  • Investing
  • Money
  • Economy
  • Markets
  • Stocks
  • Trading
No Result
View All Result
theadvisertimes.com
No Result
View All Result
Home Cryptocurrency

Second JavaScript Exploit in Four Months Exposes Crypto Sites to Wallet Drainers

by theadvisertimes.com
7 months ago
in Cryptocurrency
Reading Time: 2 mins read
A A
0
Second JavaScript Exploit in Four Months Exposes Crypto Sites to Wallet Drainers
Share on FacebookShare on TwitterShare on LInkedIn


A newly discovered loophole in one of the web’s most
used development tools is giving hackers a new way to drain cryptocurrency
wallets.

Cybersecurity researchers have reported a surge in
malicious code uploaded to legitimate websites through a vulnerability in the
popular JavaScript library React, a tool used by countless crypto platforms
for their front-end systems.

Crypto Drainer Attacks Surge via React Flaw

According to Security Alliance (SEAL), a nonprofit
cybersecurity organization, criminals are actively exploiting a recently
disclosed React vulnerability labeled CVE-2025-55182.

Crypto Drainers using React CVE-2025-55182We are observing a big uptick in drainers uploaded to legitimate (crypto) websites through exploitation of the recent React CVE.All websites should review front-end code for any suspicious assets NOW.

— Security Alliance (@_SEAL_Org) December 13, 2025

“We are observing a big uptick in drainers uploaded to
legitimate crypto websites through exploitation of the recent React CVE,” SEAL
stated on X (formerly Twitter). “All websites should review front-end code for
any suspicious assets NOW.”

The flaw enables unauthenticated remote code
execution, allowing attackers to secretly inject wallet-draining scripts into
websites. The malicious code tricks users into approving fake transactions via
deceptive pop-ups or reward prompts.

Read more: Hackers Exploit JavaScript Accounts in Massive Crypto Attack Reportedly Affecting 1B+ Downloads

SEAL cautioned that some compromised sites may be
unexpectedly flagged as phishing risks. The organization advised web
administrators to conduct immediate security audits to catch any injected
assets or obfuscated JavaScript.

“If your project is getting blocked, that may be the reason. Please review your code first before requesting phishing page warning removal.

The attack is targeting not only Web3 protocols! All websites are at risk. Users should exercise caution when signing ANY permit signature,” SEAL urged.

Scan host for CVE-2025-55182Check if your FE code is suddenly loading assets from hosts you do not recognizeCheck if any of the “Scripts” loaded by your FE code are obfuscated JavaScriptInspect if the wallet is showing the correct recipient on the signature signing request

— Security Alliance (@_SEAL_Org) December 13, 2025

Phishing Flags and Hidden Drainers

The group warned that developers who find their
projects mistakenly blocked as phishing pages should inspect their code first
before appealing the warning.

In September, a major software supply-chain attack infiltrated JavaScript packages, raising the risk that cryptocurrency users could be
exposed to theft.

The incident involved the compromise of a reputable
developer’s account on the Node Package Manager platform, allowing attackers to
distribute malicious code through packages that have been downloaded more than
one billion times.

🚨 There’s a large-scale supply chain attack in progress: the NPM account of a reputable developer has been compromised. The affected packages have already been downloaded over 1 billion times, meaning the entire JavaScript ecosystem may be at risk.The malicious payload works…

— Charles Guillemet (@P3b7_) September 8, 2025

“There’s a large-scale supply chain attack in
progress: the NPM account of a reputable developer has been compromised,”
Guillemet explained. “The affected packages have already been downloaded over 1
billion times, meaning the entire JavaScript ecosystem may be at risk.”

This article was written by Jared Kirui at www.financemagnates.com.



Source link

Tags: CryptoDrainersexploitExposesJavaScriptMonthsSitesWallet
ShareTweetShare
Previous Post

The Weekly Notable Startup Funding Report: 12/15/25 – AlleyWatch

Next Post

Is Universal Health Services Stock Outperforming the S&P 500?

Related Posts

Ripple-Backed Evernorth Reveals How RLUSD Powered .5B Milestone For XRP

Ripple-Backed Evernorth Reveals How RLUSD Powered $2.5B Milestone For XRP

by theadvisertimes.com
June 30, 2026
0

Evernorth, a Ripple-backed XRP treasury firm, has published a report on RLUSD stablecoin and XRP. It underscores the growing influence RLUSD...

DeFi hacks are turning high yields into a hidden liquidity tax

DeFi hacks are turning high yields into a hidden liquidity tax

by theadvisertimes.com
June 30, 2026
0

DeFi's latest exploit chatter is pointing traders toward a cost that does not appear in pool APYs: the price of...

XRP Holds  Support As Wallet Growth Hits Three-Month High

XRP Holds $1 Support As Wallet Growth Hits Three-Month High

by theadvisertimes.com
June 30, 2026
0

TL;DR Confirmed XRP network addresses grew at their fastest average pace since March 2026, helping defend the key $1.00 level...

140 Firms Including Coinbase and Ripple Launch the New Open USD Stablecoin

140 Firms Including Coinbase and Ripple Launch the New Open USD Stablecoin

by theadvisertimes.com
June 30, 2026
0

Key TakeawaysOpen Standard launched Open USD on June 30 with more than 140 partners including Visa.Coinbase, Stripe and Mastercard back...

StarkWare Releases Quantum-Resistant Roadmap For Starknet

StarkWare Releases Quantum-Resistant Roadmap For Starknet

by theadvisertimes.com
June 30, 2026
0

Zero-knowledge scaling company StarkWare has released a quantum-resistant roadmap for Starknet, arguing that other chains will remain exposed if the...

Kraken Plugs Institutional Liquidity into Europe’s Banking Rails via Trever Integration

Kraken Plugs Institutional Liquidity into Europe’s Banking Rails via Trever Integration

by theadvisertimes.com
June 30, 2026
0

Shift Markets Review: The Shift Platform & White Label Prediction Markets Shift Markets Review: The Shift Platform & White Label...

Next Post
Is Universal Health Services Stock Outperforming the S&P 500?

Is Universal Health Services Stock Outperforming the S&P 500?

I lead Microsoft’s enterprise AI agent strategy. Here’s what every company should know about how agents will rewrite work

I lead Microsoft’s enterprise AI agent strategy. Here’s what every company should know about how agents will rewrite work

  • Trending
  • Comments
  • Latest
Should You Offer a Concession to Get Your Apartment Leased Faster?

Should You Offer a Concession to Get Your Apartment Leased Faster?

June 15, 2026
Understanding risk remains a major investor blind spot: TIAA Institute

Understanding risk remains a major investor blind spot: TIAA Institute

June 5, 2026
Anthropic’s confidential S-1 signals summer AI IPO race could heat up fast

Anthropic’s confidential S-1 signals summer AI IPO race could heat up fast

June 2, 2026
5 things financial therapists want every advisor to know

5 things financial therapists want every advisor to know

June 26, 2026
9 Best Cheap Cell Phone Plans That Will Save You Money

9 Best Cheap Cell Phone Plans That Will Save You Money

June 3, 2026
AI shopping agents are coming. No one is ready for them

AI shopping agents are coming. No one is ready for them

June 12, 2026
NRI Talk| Equities at 45%, gold at 10-12%: Shiv Gupta of Sanctum Wealth’s ideal India portfolio for NRIs

NRI Talk| Equities at 45%, gold at 10-12%: Shiv Gupta of Sanctum Wealth’s ideal India portfolio for NRIs

0
Ripple-Backed Evernorth Reveals How RLUSD Powered .5B Milestone For XRP

Ripple-Backed Evernorth Reveals How RLUSD Powered $2.5B Milestone For XRP

0
Dave Says: Contentment, Gratitude and Priorities

Dave Says: Contentment, Gratitude and Priorities

0
Market Talk – June 30, 2026

Market Talk – June 30, 2026

0
Dell’s AI boom is real, but so is the profit margin hit nobody is pricing in

Dell’s AI boom is real, but so is the profit margin hit nobody is pricing in

0
Millions Drop ACA Coverage Amid Price Jump. Did Fraud Inflate Signups?

Millions Drop ACA Coverage Amid Price Jump. Did Fraud Inflate Signups?

0
NRI Talk| Equities at 45%, gold at 10-12%: Shiv Gupta of Sanctum Wealth’s ideal India portfolio for NRIs

NRI Talk| Equities at 45%, gold at 10-12%: Shiv Gupta of Sanctum Wealth’s ideal India portfolio for NRIs

June 30, 2026
Millions Drop ACA Coverage Amid Price Jump. Did Fraud Inflate Signups?

Millions Drop ACA Coverage Amid Price Jump. Did Fraud Inflate Signups?

June 30, 2026
Small-cap stocks enjoy best first half since 1991 as AI trade expands

Small-cap stocks enjoy best first half since 1991 as AI trade expands

June 30, 2026
When Roth conversions make sense — and the smart way to pay the taxes

When Roth conversions make sense — and the smart way to pay the taxes

June 30, 2026
Ohio Cooling Help Starts July 1: 5 Senior Options

Ohio Cooling Help Starts July 1: 5 Senior Options

June 30, 2026
Get Ready For The GTM Singularity At Forrester’s B2B Forum EMEA

Get Ready For The GTM Singularity At Forrester’s B2B Forum EMEA

June 30, 2026
theadvisertimes.com

Get the latest news and follow the coverage of Business & Financial News, Stock Market Updates, Analysis, and more from the trusted sources.

CATEGORIES

  • Business
  • Cryptocurrency
  • Economy
  • Financial Planning
  • Investing
  • Market Analysis
  • Markets
  • Money
  • Personal Finance
  • Startups
  • Stock Market
  • Trading

LATEST UPDATES

  • NRI Talk| Equities at 45%, gold at 10-12%: Shiv Gupta of Sanctum Wealth’s ideal India portfolio for NRIs
  • Millions Drop ACA Coverage Amid Price Jump. Did Fraud Inflate Signups?
  • Small-cap stocks enjoy best first half since 1991 as AI trade expands
  • Our Great Privacy Policy
  • Terms of Use, Legal Notices & Disclosures
  • About Us
  • Contact Us

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Home
  • Business
  • Financial Planning
  • Personal Finance
  • Investing
  • Money
  • Economy
  • Markets
  • Stocks
  • Trading

© Copyright 2024 All Rights Reserved
See articles for original source and related links to external sites.