Research
wget to Wipeout: Malicious Go Modules Fetch Destructive Payload
Socket's research uncovers three dangerous Go modules that contain obfuscated disk-wiping malware, threatening complete data loss.
By Kush Pandya - May 01, 2025
📅 You're Invited: Meet the Socket team at RSAC (April 28 – May 1).RSVP →
@0xbeejs/requester
Advanced tools
To communicate with a WebSocket service like an RPC call, avoiding the need to manually match requests and responses in callbacks
Install
$ npm install @0xbeejs/requester
$ yarn add @0xbeejs/requester
Usage
import Requester from "@0xbeejs/requester"
const requeter = new Requester("ws://<YOUR_ENDPOINT>")
interface ReconnectState {
reconnectAttempts: number;
requestQueue: number;
responseQueue: number;
}
const pid = process.pid;
const requester = new Requester(`<endpoint>`, {
reconnect: {
auto: true,
delay: 1000,
onTimeout: true,
},
},
);
requester.currentProvider.on('connect', () => {
console.log('Connection Established');
});
requester.currentProvider.on('close', () => {
console.log('Connection Closed');
});
requester.currentProvider.on('reconnect', (data: ReconnectState) => {
console.log(`Connection reconnect`);
});
async function start() {
// Asynchronously send message through Websocket and asynchronously retrieve the result
// The library internally establishes the correspondence between requests and responses
const data = await requester.send({req: "tx.detail", arg: {txId: "<TX_ID>"}})
return data
}
start()
FAQs
Promise based websocket client
The npm package @0xbeejs/requester receives a total of 1 weekly downloads. As such, @0xbeejs/requester popularity was classified as not popular.
We found that @0xbeejs/requester demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 17 Dec 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Using Trusted Protocols Against You: Gmail as a C2 Mechanism
Socket uncovers malicious packages on PyPI using Gmail's SMTP protocol for command and control (C2) to exfiltrate data and execute commands.
By Olivia Brown - Apr 30, 2025
Product
A New Overview in our Dashboard
We redesigned Socket's first logged-in page to display rich and insightful visualizations about your repositories protected against supply chain threats.
By André Staltz - Apr 29, 2025