Ledger just released an important update to their desktop and mobile versions of the Ledger Live application. If you are using a Ledger wallet, this one applies to you.
The new update, version 2.4.1, upgrades the Ledger Bitcoin app to version 1.4.2, which resolves a vulnerability that allows an attacker to increase the transaction fees without the user noticing.
The details are described at https://support.ledger.com/hc/en-us/articles/360014191540-Massive-transaction-fees-in-BTC-and-BTC-based-apps
How could an attacker exploit this vulnerability?
The attack requires the client application to be compromised. This could be done by tricking users into installing a fake version of Ledger Live or any other wallet application. Then, when making a transaction with at least one SegWit input, the user has to be tricked into making multiple transactions, whose inputs are later combined. The attacker may then broadcast a transaction to the network with much higher transaction fees.
In addition, the update adds native SegWit support to LTC and DGB.
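
A defender-side check for the fee inflation described above, as an added example that is not code from Ledger or from this post: it recomputes the fee from input amounts obtained independently of the wallet software (for instance from your own node) and compares it with the fee the wallet displayed. The `TxIn`/`Tx` types, the `audit_fee` helper, the 500 sat/vB cap and all sample values are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class TxIn:
    txid: str
    vout: int
    claimed_sats: int  # amount the (possibly compromised) wallet software reported

@dataclass(frozen=True)
class Tx:
    inputs: tuple   # TxIn entries
    outputs: tuple  # output amounts in satoshis
    vsize: int      # virtual size in vbytes

def audit_fee(tx, utxo_sats, shown_fee_sats, max_sat_per_vb=500):
    """Recompute the fee from trusted input amounts; return (real_fee, findings)."""
    findings, real_in = [], 0
    for txin in tx.inputs:
        real = utxo_sats.get((txin.txid, txin.vout))
        if real is None:
            # Without a trusted amount the fee cannot be established at all.
            return None, [f"input {txin.txid[:8]}:{txin.vout} not found in trusted UTXO data"]
        if real != txin.claimed_sats:
            findings.append(f"input {txin.txid[:8]}:{txin.vout} is {real} sat, "
                            f"wallet claimed {txin.claimed_sats}")
        real_in += real
    real_fee = real_in - sum(tx.outputs)  # fee = sum(inputs) - sum(outputs)
    if real_fee != shown_fee_sats:
        findings.append(f"real fee {real_fee} sat differs from displayed fee {shown_fee_sats} sat")
    if real_fee > max_sat_per_vb * tx.vsize:
        findings.append(f"fee rate {real_fee / tx.vsize:.0f} sat/vB exceeds cap of {max_sat_per_vb}")
    return real_fee, findings

# Constructed sample data: two SegWit UTXOs as reported by a trusted source.
A, B = "aa" * 32, "bb" * 32
TRUSTED_UTXOS = {(A, 0): 100_000, (B, 1): 5_000_000}

# Wallet software understated the second input, so the displayed fee was 2,000 sat.
SUSPECT_TX = Tx((TxIn(A, 0, 100_000), TxIn(B, 1, 1_000)), (90_000, 9_000), 208)
# Same inputs with honest amounts and a change output that returns the difference.
HONEST_TX = Tx((TxIn(A, 0, 100_000), TxIn(B, 1, 5_000_000)), (90_000, 5_008_000), 208)

if __name__ == "__main__":
    for name, tx in (("suspect", SUSPECT_TX), ("honest", HONEST_TX)):
        fee, findings = audit_fee(tx, TRUSTED_UTXOS, shown_fee_sats=2_000)
        print(name, fee, findings or "fee matches what was displayed")
```

Running the check before a signed transaction is broadcast gives a second opinion on the fee that does not depend on what the wallet application showed.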