Hackers used a JavaScript library to deploy a program to steal funds from encrypted wallets.

PANews reported on December 15th that, according to Finance Feeds, hackers exploited a vulnerability in the React JavaScript library to inject code that steals funds from cryptocurrency wallets into websites, primarily on cryptocurrency platforms. On December 3rd, the React team released a patch for the CVE-2025-55182 vulnerability, which allows unauthenticated code to run on remote computers. The React team strongly recommends that all affected modules be upgraded immediately to prevent further exploitation. The Security Alliance (SEAL), a cybersecurity NGO, noted a significant increase in such attacks targeting well-known crypto websites and emphasized that attackers are using this vulnerability to upload malicious "funds stealers." These "funds stealers" trick users into approving fake transactions by mimicking legitimate pop-ups or reward claim information on well-known domains.