Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
github.com/turbine/go-heatmap
This is a toolkit for creating heatmaps. Heatmaps are awesome. I use them for a few things, and now you can, too.
There are quite a few things you can do here and they don't all have
the high level documentation they deserve currently. You can start by
looking at the example to get a feel for what you can do.
Basically, feed in a bunch of x,y
type data and get back a heatmap.
Awesome.
Here's an example from a real-live report:
Colors are always the hardest part, so I attempted to make it easy by providing three things:
gheat has a set of colors that are available by default under
the schemes
subpackage. You can preview them in
their documentation and use them directly.
The schemes
subpackage also has a tool for generating a color scheme
from an image. Given an image that looks like this:
You can use schemes.FromImage("/path/to/file")
to load it and use it
directly. Colors near the bottom are for sparsely populated areas and
colors near the top are for areas that are densely populated.
You can also compute a color scheme from spec using schemes.Build
.
This lets you specify starting and ending colors across multiple
segments. Fun away!
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.