
Research
/Security News
Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
@balena/node-crc-utils
Advanced tools
CRC Utils. Combines two or more CRC32 checksums into new one.
Combines two or more CRC32 checksums into new one.
##How to install:
npm install @balena/node-crc-utils
##How to build:
Install emscripten, clone this repo then
npm run build
##Example:
const crcUtils = require('@balena/node-crc-utils');
// for crc32 checksum use lib: https://github.com/brianloveswords/buffer-crc32/
const crc32 = require('buffer-crc32');
const foo = Buffer.from('foo');
const bar = Buffer.from('bar');
const fooCrc32 = crc32(foo); // <Buffer 8c 73 65 21>
const barCrc32 = crc32(bar); // <Buffer 76 ff 8c aa>
const foobar = Buffer.from('foobar');
const foobarCrc32 = crc32(foobar);
crcUtils.ready.then(() => {
const foobarCrc32Combined = crcUtils.crc32_combine(
fooCrc32.readUInt32BE(0),
barCrc32.readUInt32BE(0),
bar.length
);
// CRC32 are the same but Endianness is prepared for GZIP format
console.log(foobarCrc32); // <Buffer 9e f6 1f 95>
console.log(foobarCrc32Combined); // <Buffer 95 1f f6 9e>
});
v3.0.1
FAQs
CRC Utils. Combines two or more CRC32 checksums into new one.
The npm package @balena/node-crc-utils receives a total of 2,573 weekly downloads. As such, @balena/node-crc-utils popularity was classified as popular.
We found that @balena/node-crc-utils demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.