Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
@aori-io/sdk
Advanced tools
Aori TypeScript SDK
Aori is a high-performance orderbook protocol for high-frequency trading on-chain and facilitating OTC settlement. This repository provides a TypeScript SDK for interacting with the Aori API to help developers integrate and build on top of the protocol as easily as possible.
Other packages are available for more periphery use cases of Aori to help developers build trading strategies and applications faster.
| Package | Description |
|---|---|
| @aori-io/sdk | For interacting with the Aori API. These are in the form of Providers that are lightweight clients to help structure calls. |
| @aori-io/adapters | Adapters for Aggregators, Decentralised Exchanges and Liquidity Sources on-chain. Logic and quoters for QuoteMakers can also be found here. |
This SDK is released under the MIT License.
Documentation
You can find up-to-date documentation at https://docs.aori.io that details all information on our SDKs and how to use them.
FAQs
The Aori TypeScript SDK for interacting with Aori's HTTP and Websocket-based API
The npm package @aori-io/sdk receives a total of 102 weekly downloads. As such, @aori-io/sdk popularity was classified as not popular.
We found that @aori-io/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 10 Dec 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025