The development team behind the popular Electrum Bitcoin wallet app has issued an emergency patch for a critical vulnerability in the company bitcoin wallets. The vulnerability allowed any website hosting the Electrum wallet to potentially steal the users cryptocurrency. The flaw seems to be present in the software for almost two years, it is related to the exposure of passwords in the. JSONRPC interface of the Bitcoin and.Ethereum nodes that should be only exposed locally should be exposed locally. The company first issued a security patch failed to address the issue, then Electrum opted out to issue a second update on Sunday evening.”]
Source: http://securityaffairs.co/wordpress/67591/digital-id/electrum-wallet-flaw.html