
Commit 535c3cb

Merge pull request #3097 from XRPLF/amarantha-k-patch-1
Update blog post to fix timestamp under Discovery section
2 parents d10391f + 93e70c5 commit 535c3cb

1 file changed

+2
-2
lines changed

blog/2025/vulnerabilitydisclosurereport-bug-apr2025.md

Lines changed: 2 additions & 2 deletions
@@ -38,7 +38,7 @@ As of today, no downstream effects have been reported. Those that have installed
3838

3939
### Discovery
4040

41-
At 9:14 AM UTC on 22 Apr 2025, Ripple teams were alerted by a security researcher from Aikido Security about a breach in the `xrpl` package in the npmjs.com repository. The malicious package contained a function called `checkValidityOfSeed`, which triggers a call to the attacker’s domain to surreptitiously steal information used to assemble an XRPL private key.
41+
At 8:14 AM UTC on 22 Apr 2025, Ripple teams were alerted by a security researcher from Aikido Security about a breach in the `xrpl` package in the npmjs.com repository. The malicious package contained a function called `checkValidityOfSeed`, which triggers a call to the attacker’s domain to surreptitiously steal information used to assemble an XRPL private key.
4242

4343
Ripple and the XRPL Foundation began investigating the incident, and learned from the Aikido team that versions `4.2.1` through `4.2.4` (as well as `2.14.2`) were impacted. As part of this discovery process, Ripple engineering teams verified that malicious code was initially implemented within the functions `generate(algorithm = DEFAULT algorithm)` and `fromRFC1751Mnemonic(mnemonic, opts)`. This code was published in all cases directly into npm (bypassing all PR approval processes) using the same compromised user account.
4444
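Review bot: the corrected time should probably also be written in the same 24-hour form the timeline table uses (`08:14 UTC`) rather than `8:14 AM UTC`, so a reader comparing the Discovery paragraph with the "Initial Discovery" row does not have to reconcile two notations. With the hour changed from 9:14 to 8:14, the paragraph now agrees with the table row "April 22nd, 2025 08:14 UTC" and with the start of the "Mitigation Actions Taken" window (08:14 - 12:34 UTC), which is the consistency this commit is meant to restore; worth a quick check that no other mention of 9:14 remains elsewhere in the post.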

@@ -109,4 +109,4 @@ For more information or to report further issues, please contact the team at bug
109109
| Initial Discovery | April 22nd, 2025 08:14 UTC | Ripple alerted by an external security researcher about a breach in the `xrpl` package on npm. |
110110
| Mitigation Actions Taken | April 22nd, 2025 08:14 - 12:34 UTC | Affected npm packages were deprecated; new packages uploaded to prevent the compromise in new dependent software releases. |
111111
| Library Resolution Completed | April 22nd, 2025 12:34 UTC | The npm package vulnerability has been mitigated. |
112-
| Additional Mitigation Actions | April 22nd, 2025 | Further remediation actions described above taken (e.g., CVE publishing, domain reporting, etc). |
112+
| Additional Mitigation Actions | April 22nd, 2025 | Further remediation actions described above taken (e.g., CVE publishing, domain reporting, etc). |
