Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
github.com/clausecker/nfc
This is a Go wrapper for the libnfc.
You need the following libnfc version to use this code:
versions <= 2.0.2 need libnfc version 1.7.0 or 1.7.1
version >= 2.1.0 need libnfc version 1.8.0 or later
Due to an unfortunate ABI breakage, libnfc version 1.7.2 cannot be used with this wrapper.
The code has not been thoroughly tested yet. Please report any errors to the project. The API is considered stable as of version 2.0 and will probably not change in incompatible ways in the near future.
Version 2.0.2 and earlier of this wrapper have been developed before the advent of Go modules. For this reason, they use a weird homecooked scheme for their versioning involving the 2.0 and latest directories. These can safely be ignored for new developments. Using Go modules, only version 2.1.0 and later are available.
To use this library, install libnfc version 1.8.0 or newer and import
github.com/clausecker/nfc/v2
into your project. This project uses go modules for versionning and tries its best to follow the usual guidelines for interface stability.
Copyright (c) 2014--2020 Robert Clausecker fuzxxl@gmail.com
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, version 3.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.