
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
@cheststore/cli
Advanced tools
This is a CLI interface to interact with a chest.store server to manage buckets & objects including listing, uploading, and downloading. Note that you can use the git CLI like you would any other remote & repo without this package installed.
chest.store has a built in HTTP git server and can be used like any other git remote to clone, push, pull, etc. any repository that uses git for its version control. Therefore, use git CLI or another git client to interact with your chest.store server without this package by simply setting up a new remote in your repository(ies) of choice to your chest.store server and push/pull as changes are made.
$ # `https://app.chest.store` below can be replaced with your server
$ git remote add chest https://app.chest.store/git/$YOUR_USERNAME/REPO_NAME
$ git push chest master
$ npm install -g @cheststore/cli
$ chest config
$ chest --help
config
- Initialize configuration options such as the server endpoint and API key the CLI will use to execute requests.ls
- List objects in your bucket (can be used to get the ID needed to use in $ chest download ...
)
$ chest ls myFileName
lsb
- List all cloud buckets you have access todownload
- Download file/object from a chest.store server to your file system. Takes the object ID (get from ls
) as a parameter
$ chest download qqqq4011-a999-1234-89a4-xxxxx5aaaaaa
upload
- Upload files on your local file system to a chest.store server.
$ chest upload ./local/file.txt
FAQs
CLI interface to interact with chest.store
We found that @cheststore/cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.