The Ripple cryptocurrency library "xrpl.js" was compromised, allowing attackers to steal XRP wallet seeds and private keys through malicious code in several versions. Users are urged to upgrade to the clean version 4.2.5 immediately to mitigate potential theft of funds. The attack resembles previous supply chain threats faced by other cryptocurrency libraries.