Critical React Bug Enables Token Drain Across Thousands of Websites

Published at 2025-12-16 13:30:22

Security researchers warned on Dec. 16, 2025 that a critical bug in React is being actively abused to inject malicious code into thousands of websites. Attackers use the flaw to deploy crypto-mining tools and broader malware that can hijack server resources and insert scripts into pages that handle cryptocurrency transactions, creating a pathway to intercept wallet activity and siphon tokens.

The issue matters for both developers and crypto users because compromised front-ends can bypass conventional backend controls and target client-side wallets and browser extensions. Site operators should prioritize applying vendor patches, auditing third-party dependencies and scripts, and enforcing strict content-security policies. Crypto users should double-check transaction flows, consider using hardware wallets, and monitor account activity while affected services patch the vulnerability.

MalwareCryptoSecurityReactExploit
Share on:

Related news

Russia to Ban Cash-for-Crypto Trades, Require Bank-Mediated Transactions

Russia will prohibit cash-for-crypto transactions and require trades to go through cashless, bank-mediated channels, a senior central bank official said. The measure is meant to increase oversight of crypto-related flows and clamp down on informal peer-to-peer markets.

CryptoCentral BankRussiaRegulationComplianceBanking
Published at 2026-04-10 11:30:09
Aethir Stops Bridge Exploit, Vows Compensation After Under $90K Loss

Aethir says it halted a bridge exploit on its Ethereum-linked contracts, keeping losses below $90,000. Security firm PeckShield had earlier estimated the damage at about $400,000; Aethir pledged to compensate affected users.

BridgeEthereumSecurityPeckShieldAethirATH
Published at 2026-04-10 11:15:12
SEC Seeks Feedback on Listing Options for Grayscale Multi-Asset Crypto ETF

The SEC is evaluating a proposal to list options on a Grayscale multi-asset crypto ETF and has asked for additional public comment as it assesses risks tied to crypto-related derivatives. Regulators want input on market structure, surveillance, and investor protections.

SECGrayscaleETFDerivativesCryptoOptions
Published at 2026-04-09 23:00:17
CZ Says Rival Exchanges Spent Millions to Block His Pardon and Binance U.S. Return

Binance CEO Changpeng Zhao alleges U.S. crypto exchanges funded multi-million dollar lobbying to block a pardon from former President Donald Trump and keep Binance out of the U.S. market. The claim has not been independently verified.

BinancePardonUS MarketCZLobbyingCrypto
Published at 2026-04-09 21:32:58
Major Android Flaw Exposed Millions of Crypto Wallets to Hackers

Microsoft Defender researchers say a critical bug in a widely used third-party Android SDK may have exposed tens of millions of cryptocurrency wallets to potential data theft. Users and developers are urged to update apps and apply patches immediately.

SecurityCryptoAndroidWalletsMicrosoft Defender
Published at 2026-04-09 20:46:23

DeFi

All DeFi posts

Bitcoin

All Bitcoin posts

Derivatives

All Derivatives posts

Dogecoin

All Dogecoin posts

On-Chain

All On-Chain posts