Crypto Wallets Targeted In JavaScript Library Exploit—Cybersecurity Firm

bitcoinistPublicado em 2025-12-16Última atualização em 2025-12-16

Resumo

A critical vulnerability (CVE-2025-55182) in React Server Components (versions 19.0 to 19.2.0) is being actively exploited to inject malicious code into websites and steal cryptocurrency from connected wallets. The flaw, which allows unauthenticated attackers to execute arbitrary code on affected servers, has led to wallet-draining campaigns across multiple crypto sites. Cybersecurity firm Security Alliance (SEAL) warns that attackers are using the exploit to inject scripts that hijack or redirect transactions by altering user interfaces or swapping addresses. Over 50 organizations have reported compromise attempts, with scanning tools and exploit kits rapidly spreading in underground forums. Patched versions (19.0.1, 19.1.2, 19.2.1) are available, and all affected sites are urged to update immediately.

A critical flaw in React Server Components is being used by attackers to inject malicious code into live websites, and that code is siphoning crypto from connected wallets.

Reports note that the vulnerability, tracked as CVE-2025-55182, was published by the React team on December 3 and carries a maximum severity rating.

Cybersecurity firm Security Alliance (SEAL) has confirmed that multiple crypto websites are actively being targeted, and they urge operators to review all React Server Components immediately to prevent wallet-draining attacks.

Security teams say the bug allows an unauthenticated attacker to run code on affected servers, which has been turned into wallet-draining campaigns across several sites.

Image: Shutterstock

A Wide Risk To Sites Using Server Components

SEAL said the flaw affects React Server Components packages in versions 19.0 through 19.2.0, and patched releases such as 19.0.1, 19.1.2, and 19.2.1 were issued after disclosure.

The vulnerability works by exploiting unsafe deserialization in the Flight protocol, letting a single crafted HTTP request execute arbitrary code with the web server’s privileges. Security teams have warned that many sites using default configurations are at risk until they apply the updates.

Attackers Inject Wallet-Draining Scripts Into Compromised Pages

According to industry posts, threat actors are using the exploit to plant scripts that prompt users to connect Web3 wallets and then hijack or redirect transactions.

In some cases the injected code alters the user interface or swaps addresses, so a user believes they are sending funds to one account while the transaction actually pays an attacker. This method can hit users who trust familiar crypto sites and connect wallets without checking every approval.

BTCUSD now trading at $89,626. Chart: TradingView

Scanners And Proof-Of-Concepts Flooded Underground Forums

Security researchers report a rush of scanning tools, fake proof-of-concept code, and exploit kits shared in underground forums shortly after the vulnerability was disclosed.

Cloud and threat-intelligence teams have observed multiple groups scanning for vulnerable servers and testing payloads, which has accelerated active exploitation.

Some defenders say that the speed and volume of scanning have made it hard to stop all attempts before patches are applied.

More Than 50 Organizations Reported Compromise Attempts

Based on reports from incident responders, post-exploitation crypto activity has been observed at more than 50 organizations across finance, media, government, and tech.

In several investigations, attackers established footholds and then used those to deliver further malware or to seed front-end code that targets wallet users.

SEAL has emphasized that organizations failing to patch or monitor their servers could experience further attacks, and ongoing monitoring is essential until all systems are verified safe.

Featured image from Unsplash, chart from TradingView

Leituras Relacionadas

SaaS Battle Royale: The Survivors Who Win All Share One Common Trait

**Summary** The AI revolution has triggered a "SaaS apocalypse," forcing a brutal market shakeout. The key dividing line is the pricing model. Companies like Snowflake and Datadog, which charge based on consumption (e.g., data processed or compute used), are thriving. AI workloads actively *generate* more demand for their services, fueling growth. Datadog's accelerating revenue is a prime example. Microsoft and Palantir, as platform/ecosystem players, also benefit by acting as essential channels for AI deployment. In contrast, traditional SaaS firms built on per-seat or per-task licensing (e.g., Intuit, Adobe) face direct pressure, as AI threatens to automate the very human tasks their software supports. Companies like Salesforce, a per-seat giant, are caught in the middle. While showing strong AI monetization (e.g., its Agentforce platform) and experimenting with consumption-based "Flex Credits," its stock remains under pressure, illustrating that the market rewards *completed* transitions, not just the intent. The recent Microsoft Build conference underscored key trends: AI is evolving from an assistant to an autonomous "agent," and platform providers like Microsoft are consolidating their control. The market's recovery is highly selective, focused on identifying which companies are "fed by AI" versus "eaten by AI." Future focus will be on the diffusion of this recovery to transforming companies and the real-world adoption data of AI agents like Microsoft Copilot.

marsbitHá 17m

SaaS Battle Royale: The Survivors Who Win All Share One Common Trait

marsbitHá 17m

XRP Falters In Face Of Rival XLM: Why Retail Traders Are Dumping One For The Other

Rival cryptocurrencies XRP and XLM are seeing a shift in retail trader preference, particularly in South Korea. Data from the Upbit exchange shows XLM's 24-hour trading volume ($252.3M) has surpassed XRP's ($125.7M) for the first time. This shift is attributed to increased interest in Stellar's role in tokenized finance, fueled by news linking the network to the US DTCC. While XLM's price surged over 55% to $11, XRP fell below $1.3 despite its historical popularity in Asian markets. A separate analyst suggests XRP could follow with a significant rally, potentially targeting new highs, though this remains speculative.

bitcoinistHá 17m

XRP Falters In Face Of Rival XLM: Why Retail Traders Are Dumping One For The Other

bitcoinistHá 17m

Trend in US Stocks: Jensen Huang's One Sentence Triggers $47 Billion Surge; Google Raises Funds for First Time in 20 Years

U.S. markets reached record highs on June 2nd, but the real story was the intensifying AI arms race, now pivoting from chip supremacy to a scramble for capital to fund compute infrastructure. The day highlighted two stark realities: Nvidia CEO Jensen Huang's endorsement of Marvell Technology as the "next trillion-dollar company" at Computex fueled a historic 32.5% surge, adding $47 billion to its value. Conversely, Alphabet announced its first equity raise in two decades—an $80 billion plan—signaling that even its massive cash flow can't keep pace with soaring AI capital expenditures, forecast to exceed $180 billion in 2026. While the S&P 500 closed above 7,600 for the first time, led by tech and semiconductor stocks (SOXX +5.79%), sector performance was mixed. Alphabet's 4% drop dragged down communications services, illustrating market anxiety over the unsustainable cost of the AI buildout. Hewlett Packard Enterprise soared 25% on stellar earnings, proving AI's benefits extend beyond chip designers to infrastructure providers. Beneath the index highs, concerns linger over extreme concentration in a few AI stocks and geopolitical tensions. The focus now shifts to upcoming economic data, particularly Friday's nonfarm payrolls, which could challenge the market's current "ignore rates, chase AI" mentality.

marsbitHá 48m

Trend in US Stocks: Jensen Huang's One Sentence Triggers $47 Billion Surge; Google Raises Funds for First Time in 20 Years

marsbitHá 48m

Variant: Bitcoin, Ethereum, and ZCash Highly Likely to Become Major Stores of Value

At Variant, our investment philosophy centers on enabling individuals to own their money, identity, and data. We believe all tokens fall into two categories: stores of value (SOV) or equity-like instruments. The SOV framework is particularly useful for evaluating Layer 1 (L1) blockchains, which are major monetary coordination protocols. A good store of value should possess: 1) Technical durability, 2) Scarcity, 3) Censorship resistance, 4) Economic productivity, 5) Strong memetics, and 6) Liquidity. The total addressable market for SOV assets is massive, with gold alone valued at $31 trillion. Three L1 assets stand out as prime candidates for becoming major stores of value: Bitcoin (BTC), Ethereum (ETH), and ZCash (ZEC). Bitcoin excels in memetic dominance as "digital gold." Ethereum demonstrates superior technical durability and adaptability through its upgradeable roadmap. ZCash offers exceptional censorship resistance and privacy via its shielded transactions. While digital SOVs outperform traditional ones like gold on many metrics, they still represent a small fraction of the overall SOV market, presenting a significant growth opportunity.

marsbitHá 1h

Variant: Bitcoin, Ethereum, and ZCash Highly Likely to Become Major Stores of Value

marsbitHá 1h

Can DeepSeek Save China One Trillion Dollars?

"DeepSeek and the $1 Trillion Infrastructure Question" The article examines whether DeepSeek's AI optimization breakthroughs could potentially save China $1 trillion in future AI infrastructure costs. The analysis begins with Nvidia's upcoming Vera Rubin AI platform, costing ~$7.8 million, where memory (HBM4/LPDDR5X) constitutes $2 million—a 435% cost increase in one year, highlighting how AI hardware spending is shifting toward expensive memory components. DeepSeek's approach works in the opposite direction. Through three key technical innovations showcased in DeepSeek V4, the company dramatically improves hardware efficiency: 1. **Memory Compression (MLA)**: Re-engineers the attention mechanism to compress long-context memory (KV Cache) by over 90%, drastically reducing expensive HBM usage. 2. **Selective Activation (MoE)**: Employs Mixture-of-Experts architecture where only a small fraction of parameters (e.g., 49B out of 1.6T in V4-Pro) are activated per token, allowing most parameters to reside in cheaper memory/SSD. 3. **Computation Caching**: Reuses previously computed results via cache hits, replacing expensive GPU computations with cheap memory reads. Combined, these optimizations allow the same hardware to produce approximately 4x more tokens, effectively reducing required hardware investment by 75%. DeepSeek's pricing reflects this: a 10-billion token workload costs ~$522 monthly versus ~$9,000-$10,000 for competitors. The $1 trillion savings projection stems from McKinsey's estimate that global AI infrastructure will require ~$5.2 trillion investment by 2030. As China's daily token consumption grows toward quadrillions, even marginal efficiency gains scale massively. With a conservative 4x throughput improvement, China could avoid building tens of thousands of AI data centers equivalent to ~7 trillion RMB ($1 trillion) in saved investment. Critically, this strategy shifts dependency from scarce, expensive GPU/HBM—where China lags—toward more accessible storage, caching, and systems engineering where domestic suppliers like CXMT are gaining strength. Rather than "replacing Nvidia," DeepSeek rebalances AI's value chain away from monolithic hardware dependency. Ultimately, DeepSeek's technical breakthroughs could lower the barrier to AI adoption across Chinese industries by making advanced capabilities affordable at scale—transforming who can access next-generation AI.

marsbitHá 1h

Can DeepSeek Save China One Trillion Dollars?

marsbitHá 1h

Trading

Spot
Futuros
活动图片

Categorias popularesright-arrow

Etiquetas Popularesright-arrow