Crypto Wallets Targeted In JavaScript Library Exploit—Cybersecurity Firm

bitcoinistОпубликовано 2025-12-16Обновлено 2025-12-16

Введение

A critical vulnerability (CVE-2025-55182) in React Server Components (versions 19.0 to 19.2.0) is being actively exploited to inject malicious code into websites and steal cryptocurrency from connected wallets. The flaw, which allows unauthenticated attackers to execute arbitrary code on affected servers, has led to wallet-draining campaigns across multiple crypto sites. Cybersecurity firm Security Alliance (SEAL) warns that attackers are using the exploit to inject scripts that hijack or redirect transactions by altering user interfaces or swapping addresses. Over 50 organizations have reported compromise attempts, with scanning tools and exploit kits rapidly spreading in underground forums. Patched versions (19.0.1, 19.1.2, 19.2.1) are available, and all affected sites are urged to update immediately.

A critical flaw in React Server Components is being used by attackers to inject malicious code into live websites, and that code is siphoning crypto from connected wallets.

Reports note that the vulnerability, tracked as CVE-2025-55182, was published by the React team on December 3 and carries a maximum severity rating.

Cybersecurity firm Security Alliance (SEAL) has confirmed that multiple crypto websites are actively being targeted, and they urge operators to review all React Server Components immediately to prevent wallet-draining attacks.

Security teams say the bug allows an unauthenticated attacker to run code on affected servers, which has been turned into wallet-draining campaigns across several sites.

Image: Shutterstock

A Wide Risk To Sites Using Server Components

SEAL said the flaw affects React Server Components packages in versions 19.0 through 19.2.0, and patched releases such as 19.0.1, 19.1.2, and 19.2.1 were issued after disclosure.

The vulnerability works by exploiting unsafe deserialization in the Flight protocol, letting a single crafted HTTP request execute arbitrary code with the web server’s privileges. Security teams have warned that many sites using default configurations are at risk until they apply the updates.

Attackers Inject Wallet-Draining Scripts Into Compromised Pages

According to industry posts, threat actors are using the exploit to plant scripts that prompt users to connect Web3 wallets and then hijack or redirect transactions.

In some cases the injected code alters the user interface or swaps addresses, so a user believes they are sending funds to one account while the transaction actually pays an attacker. This method can hit users who trust familiar crypto sites and connect wallets without checking every approval.

BTCUSD now trading at $89,626. Chart: TradingView

Scanners And Proof-Of-Concepts Flooded Underground Forums

Security researchers report a rush of scanning tools, fake proof-of-concept code, and exploit kits shared in underground forums shortly after the vulnerability was disclosed.

Cloud and threat-intelligence teams have observed multiple groups scanning for vulnerable servers and testing payloads, which has accelerated active exploitation.

Some defenders say that the speed and volume of scanning have made it hard to stop all attempts before patches are applied.

More Than 50 Organizations Reported Compromise Attempts

Based on reports from incident responders, post-exploitation crypto activity has been observed at more than 50 organizations across finance, media, government, and tech.

In several investigations, attackers established footholds and then used those to deliver further malware or to seed front-end code that targets wallet users.

SEAL has emphasized that organizations failing to patch or monitor their servers could experience further attacks, and ongoing monitoring is essential until all systems are verified safe.

Featured image from Unsplash, chart from TradingView

Похожее

Weekly Token Unlock: HOME Unlocks Over 20% of Circulating Supply

Weekly Token Unlock: HOME to Release Over 20% of Circulating Supply This week, the project DeFi.app (HOME) is scheduled to unlock 790 million tokens, valued at approximately $41.26 million. DeFi.app aims to simplify DeFi trading by enabling users to purchase tokens on any blockchain, execute instant cross-chain swaps, access decentralized derivatives markets, and find yield opportunities—all without paying gas fees or using bridges, while maintaining full self-custody of assets. The accompanying chart details the specific release schedule for these tokens.

marsbit2 ч. назад

Weekly Token Unlock: HOME Unlocks Over 20% of Circulating Supply

marsbit2 ч. назад

US Stocks Suffer Worst Plunge Since 2025: Three Triggers Ignite Tech Stock Valuation Reset

The US stock market experienced its most severe sell-off since the 2025 tariff crisis on June 5th, 2025. The Nasdaq Composite plummeted 4.18%, the S&P 500 fell 2.64%, and the Dow Jones dropped 695 points. The panic stemmed from three converging factors. First, Broadcom's earnings report ignited fears of a slowdown in AI growth. While its AI chip revenue surged 143% YoY to $10.8B, its Q3 AI revenue guidance of $16B fell short of the $17.2B consensus. This triggered a massive sector-wide sell-off, with the Philadelphia Semiconductor Index crashing 10.26% and semiconductor stocks losing roughly $1.3 trillion in market value in a single day. Second, a shockingly strong May jobs report crushed hopes for Federal Reserve rate cuts. Non-farm payrolls added 172,000 jobs, doubling expectations. This robust data, combined with persistently high oil prices above $92/barrel due to the ongoing Iran war and blockade of the Strait of Hormuz, drastically increased market expectations for a potential Fed rate hike instead of a cut. Higher interest rates compress the valuations of growth-heavy tech stocks. Third, the prolonged Iran conflict continues to fuel inflationary pressures, complicating the Fed's policy decisions and undermining the "inflation is tamed" narrative. Together, these events challenged the twin pillars of the market rally: the "limitless AI growth" story and expectations for imminent monetary easing. The sell-off spread globally, impacting Asian and European markets and cryptocurrencies. The article posits this is likely a severe "valuation repricing" rather than the end of the AI story. The underlying demand for AI remains strong, but investor expectations for growth speed and the prices they are willing to pay are being recalibrated. Key upcoming factors include the June FOMC meeting, future AI company earnings, and developments in the Iran conflict.

marsbit4 ч. назад

US Stocks Suffer Worst Plunge Since 2025: Three Triggers Ignite Tech Stock Valuation Reset

marsbit4 ч. назад

From Madison Square Garden to Kalshi: Prediction Markets Break into the NBA Finals

From Madison Square Garden to Kalshi: Prediction Markets Break into the NBA Finals Prediction markets are playing a significant role in the 2026 NBA Finals, particularly around the New York Knicks' unexpected 2-0 series lead. Platforms like Kalshi and Polymarket have seen massive trading volumes, exceeding hundreds of millions of dollars on championship and related markets. Their influence extends beyond online trading. Kalshi's official partnership with Madison Square Garden has given it prominent physical branding at the arena. Furthermore, local businesses like The Jeffrey bar are using prediction market contracts to hedge the risk of game-result-based promotions, turning potential losses into manageable costs—a concept similar to the famous "Mattress Mack" strategy from traditional sports betting. These markets differentiate themselves by offering a wider, more entertainment-focused range of "event contracts" beyond typical game outcomes, such as predicting celebrity attendance. They also have broader accessibility across the U.S. compared to age- and location-restricted traditional sportsbooks. However, their rapid integration into sports raises regulatory and ethical questions. The NBA is cautiously engaging, discussing integrity frameworks with regulators like the CFTC. While the league permits minor investments like Giannis Antetokounmpo's stake in Kalshi, it advocates for strict rules to prevent insider trading. Many fans express concern on platforms like Reddit, fearing that the close ties between prediction markets, the league, and players could compromise the game's integrity. The NBA Finals has thus become a high-stakes testing ground, showcasing prediction markets' commercial potential while challenging traditional boundaries between financial trading, entertainment, and gambling.

marsbit6 ч. назад

From Madison Square Garden to Kalshi: Prediction Markets Break into the NBA Finals

marsbit6 ч. назад

Recursive Self-Improvement AI Gains Traction, Google Pours Cold Water, While DeepSeek and Others Approach the Fringes

The term "recursive self-improvement" (RSI), where AI improves itself autonomously, is gaining momentum in the AI industry. Startups like Recursive Superintelligence and projects such as Andrej Karpathy's Auto-Research aim to create systems where AI designs, implements, and validates its own research, moving toward superintelligence. While Google CEO Sundar Pichai cautions that such exponential acceleration is not yet a reality, progress is evident. For instance, Anthropic reported its Claude Code writes nearly 100% of the team's code, though it still lacks true self-direction. Analysts frame RSI development in stages: "adequacy" (systems functioning without humans), "parity" (matching human research quality), and "supremacy" (exceeding human-AI collaboration). Reaching parity could trigger rapid, unpredictable advancement due to AI's continuous operation. In China, companies like DeepSeek and Baidu incorporate self-optimization techniques without explicitly branding them as RSI, focusing on algorithmic efficiency and reinforcement learning. However, challenges remain, including "model collapse" from training on AI-generated data and the immense computational and open-collaboration requirements. Ultimately, RSI represents a trend of increasing automation in AI development, potentially reducing human oversight in the creation process itself.

marsbit6 ч. назад

Recursive Self-Improvement AI Gains Traction, Google Pours Cold Water, While DeepSeek and Others Approach the Fringes

marsbit6 ч. назад

Anthropic Warns Globally, OpenAI Has Crossed the 'Reliability Threshold': AI Self-Acceleration Activated

Anthropic issues a global warning, urging a pause in AI research due to fears of recursive self-improvement where AI accelerates its own development, nearing a "self-building" tipping point. Simultaneously, OpenAI's Yann Dubois provides a key insight: AI's perceived "jump" in usefulness stems from crossing a "reliability threshold." Before this point, AI is an unreliable toy; after (around Dec 2023 for OpenAI), it becomes a dependable tool, triggering self-acceleration. This is evident as AI now assists in its own R&D, boosting researcher productivity. Dubois argues AI development is more "craft" than pure science, relying heavily on intuition. He highlights "the last-mile AI dividend": if current models were frozen, focused development on vertical application harnesses (orchestration systems connecting AI to real-world data and permissions) could deliver AGI-like performance in many domains. The main bottleneck isn't model intelligence, but integration—granting access, connecting data, and embedding into workflows. However, major challenges remain, like enabling continual learning so AI improves with experience rather than plateauing. For startups, the opportunity lies in solving these intricate, real-world integration problems—the hard work of bringing powerful models down to ground level.

marsbit6 ч. назад

Anthropic Warns Globally, OpenAI Has Crossed the 'Reliability Threshold': AI Self-Acceleration Activated

marsbit6 ч. назад

Торговля

Спот
Фьючерсы
活动图片

Популярные категорииright-arrow

Популярные тегиright-arrow