That Unciphered article about the supposedly newly discovered Bitcoin wallet vulnerability sure looks an awful lot like a cheap marketing hackjob that tries to recycle and rebrand an old and documented security issue to drum up press coverage...
(Why I consider it a hackjob: it does weird stuff like referencing yarnpkg, which is just an npm mirror, as an authoritative source; and then it doesn't even link the real package, but some random fork that approximately nobody uses)
Like, don't get me wrong, it was a legitimate problem, but the emphasis here is on "was" - it was discovered and publicly talked about years ago