According to Foresight News, Aikido Security, a cryptocurrency security research organization, has identified a security vulnerability in the official XRPL NPM package. The backdoor program is capable of stealing users' private keys and transmitting them to attackers. Versions affected by this issue range from 4.2.1 to 4.2.4. Aikido Security advises users of earlier versions to refrain from upgrading to these compromised versions.