Crypto Wallets Targeted In JavaScript Library Exploit—Cybersecurity Firm

bitcoinist, published 2025-12-16, updated 2025-12-16

Summary

A critical vulnerability (CVE-2025-55182) in React Server Components (versions 19.0 to 19.2.0) is being actively exploited to inject malicious code into websites and steal cryptocurrency from connected wallets. The flaw, which allows unauthenticated attackers to execute arbitrary code on affected servers, has led to wallet-draining campaigns across multiple crypto sites. Cybersecurity firm Security Alliance (SEAL) warns that attackers are using the exploit to inject scripts that hijack or redirect transactions by altering user interfaces or swapping addresses. Over 50 organizations have reported compromise attempts, with scanning tools and exploit kits rapidly spreading in underground forums. Patched versions (19.0.1, 19.1.2, 19.2.1) are available, and all affected sites are urged to update immediately.

A critical flaw in React Server Components is being used by attackers to inject malicious code into live websites, and that code is siphoning crypto from connected wallets.

Reports note that the vulnerability, tracked as CVE-2025-55182, was published by the React team on December 3 and carries a maximum severity rating.

Cybersecurity firm Security Alliance (SEAL) has confirmed that multiple crypto websites are actively being targeted, and they urge operators to review all React Server Components immediately to prevent wallet-draining attacks.

Security teams say the bug allows an unauthenticated attacker to run code on affected servers, and attackers have used that access to run wallet-draining campaigns across several sites.

A Wide Risk To Sites Using Server Components

SEAL said the flaw affects React Server Components packages in versions 19.0 through 19.2.0, and patched releases such as 19.0.1, 19.1.2, and 19.2.1 were issued after disclosure.

The vulnerability works by exploiting unsafe deserialization in the Flight protocol, letting a single crafted HTTP request execute arbitrary code with the web server’s privileges. Security teams have warned that many sites using default configurations are at risk until they apply the updates.
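
To find out whether a deployment falls in the range above, the following added example (not code from the article, SEAL or the React team) scans a parsed package-lock.json for React Server Components packages older than the patched release of their 19.x line. The package names are an assumption, since the article does not list them, and the sample lockfile is constructed.

```javascript
// Patched release for each affected 19.x line, as listed in the article.
const PATCHED = { '19.0': '19.0.1', '19.1': '19.1.2', '19.2': '19.2.1' };

// Assumption: the article does not name the packages; these are the npm
// packages that implement React Server Components for each bundler.
const RSC_PACKAGES = new Set([
  'react-server-dom-webpack',
  'react-server-dom-parcel',
  'react-server-dom-turbopack',
]);

// Return the patched version to move to, or null if `version` is not in the
// affected range. Prerelease tags are ignored; only x.y.z is compared.
function fixedFor(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(version || '');
  if (!m) return null;
  const fixed = PATCHED[`${m[1]}.${m[2]}`];
  if (!fixed) return null; // not one of the 19.0-19.2 lines
  const fixedPatch = Number(fixed.split('.')[2]);
  return Number(m[3]) < fixedPatch ? fixed : null;
}

// Scan a parsed package-lock.json (lockfileVersion 2 or 3), including
// copies nested under another package's node_modules directory.
function findAffected(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = path.split('node_modules/').pop();
    const upgradeTo = RSC_PACKAGES.has(name) ? fixedFor(meta.version) : null;
    if (upgradeTo) hits.push({ path, version: meta.version, upgradeTo });
  }
  return hits;
}

// Constructed sample lockfile (not taken from any real project).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'constructed-dapp', version: '1.0.0' },
    'node_modules/react': { version: '19.1.0' },
    'node_modules/react-server-dom-webpack': { version: '19.1.0' },
    'node_modules/some-framework/node_modules/react-server-dom-turbopack': { version: '19.2.1' },
    'node_modules/react-server-dom-parcel': { version: '19.0.0' },
  },
};

console.log(findAffected(SAMPLE_LOCK));
```

A framework that bundles its own copy of these packages will not appear under these names in the lockfile, so the framework's own advisory needs checking as well.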

Attackers Inject Wallet-Draining Scripts Into Compromised Pages

According to industry posts, threat actors are using the exploit to plant scripts that prompt users to connect Web3 wallets and then hijack or redirect transactions.

In some cases the injected code alters the user interface or swaps addresses, so a user believes they are sending funds to one account while the transaction actually pays an attacker. This method can hit users who trust familiar crypto sites and connect wallets without checking every approval.

BTCUSD now trading at $89,626. Chart: TradingView

Scanners And Proof-Of-Concepts Flooded Underground Forums

Security researchers report a rush of scanning tools, fake proof-of-concept code, and exploit kits shared in underground forums shortly after the vulnerability was disclosed.

Cloud and threat-intelligence teams have observed multiple groups scanning for vulnerable servers and testing payloads, which has accelerated active exploitation.

Some defenders say that the speed and volume of scanning have made it hard to stop all attempts before patches are applied.

More Than 50 Organizations Reported Compromise Attempts

Based on reports from incident responders, post-exploitation crypto activity has been observed at more than 50 organizations across finance, media, government, and tech.

In several investigations, attackers established footholds and then used those to deliver further malware or to seed front-end code that targets wallet users.

SEAL has emphasized that organizations failing to patch or monitor their servers could experience further attacks, and ongoing monitoring is essential until all systems are verified safe.
