A significant security threat was discovered by Ripple targeting the XRP Ledger. This issue specifically impacts DeFi wallets utilizing the official xrpl.js package from NPM. While it remains uncertain how much in user funds was affected by this complex attack, Ripple has taken steps to address the compromised packages. Fortunately, many major DeFi wallets did not use the affected package, and no substantial thefts have been reported so far.
The security breach on the XRP Ledger was initially uncovered by Aikido, a blockchain security company, which identified suspicious updates to the xrpl.js package on Ripple's NPM platform. Hackers managed to implant a sophisticated backdoor into this official software development kit, potentially allowing them to steal private keys and gain access to wallets.
Although the XRP Ledger itself is secure from this breach, services that use xrpl.js and updated to the compromised versions released within the last 24 hours were vulnerable. This threat prompted official warnings from Ripple's CTO, David Schwartz, and detailed explanations from senior software engineer Mayukha Vadari regarding the nature of the vulnerability.
While the breach did not directly impact the XRP Ledger, it did expose users to potential risks, considering the large amount of assets held in DeFi wallets on the XRPL. This breach highlights the danger of compromising high-trust packages like those on NPM, as such supply chain attacks can have far-reaching implications for developers and infrastructure.
Ripple has confirmed that certain major DeFi wallets were unaffected and has deprecated the compromised xrpl.js versions. Additionally, plans are in place to release a comprehensive analysis of the incident. The breach also extended to the official library for DeFi protocols connecting with XRP, raising concerns about the potential repercussions of such a sophisticated operation.