
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
github.com/iomz/radiko-auto-downloader
Sometimes we miss our favorite shows on radiko and they get vanished from http://radiko.jp/#!/timeshift – let's just keep them automatically saved locally, from AoE.
Disclaimer:
radikron requires FFmpeg to combine m3u8 chunks to a single aac file (or convert to mp3).
Make sure ffmpeg
exists in your $PATH
.
The docker image already contains all the requirements including ffmpeg.
go install github.com/iomz/radikron/cmd/radikron@latest
Create a configuration file (config.yml
) to define rules for recording:
area-id: JP13 # if unset, default to "your" region
extra-stations:
- ALPHA-STATION # include stations not in your region
ignore-stations:
- JOAK # ignore stations from search
minimum-output-size: 2 # do not save an audio below this size (in MB), default is 1 (MB)
rules:
airship: # name your rule as you like
station-id: FMT # (optional) the staion_id, if not available by default, automatically add this station to the watch list
title: "GOODYEAR MUSIC AIRSHIP~シティポップ レイディオ~" # this can be a partial match
citypop:
keyword: "シティポップ" # search by keyword (also a partial match)
window: 48h # only within the past window from the current time
hiccorohee:
pfm: "ヒコロヒー" # search by pfm
trad:
dow: # filter by day of the week (e.g, Mon, tue, WED)
- wed
- thu
station-id: FMT
title: "THE TRAD"
In addition, set ${RADICRON_HOME}
to set the download directory.
mkdir -p ./radiko/{downloads,tmp} && RADICRON_HOME=./radiko radikron -c config.yml
By default, it mounts ./config.yml
and ./radiko
to the container.
docker compose up
In case the image is not available for your platform:
docker compose build
This project is heavily based on yyoshiki41/go-radiko and yyoshiki41/radigo, and therefore follows the GPLv3 License.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.