![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@geek/jsonc
Advanced tools
Readme
JSONC and JSON utilities for JavaScript with Node.js.
JSONC and JSON utilities for JavaScript with Node.js.
@geek/jsonc
in root of projectnpm install @geek/jsonc
project | description | npm |
---|---|---|
@geek/google-sheets | Easy way to manage Google Sheets API from Node.js | ![]() |
project | description | npm |
---|---|---|
@geek/cache | Caching module for Node.js | ![]() |
@geek/jsonc | JSONC and JSON utilities for JavaScript with Node.js | ![]() |
@geek/jwt | JWT parser for JavaScript Node.js and Titanium native mobile | ![]() |
@geek/logger | Logging module for Node.js | ![]() |
@geek/mobile | Toolkit for creating, building, and managing mobile app projects. | ![]() |
@geek/retry | Retry JavaScript functions and promises in Node.js | ![]() |
Have an idea or a comment? Join in the conversation here!
Follow
Brenton House
for the latest on great modules and libraries!
Code is licensed under MIT
Alloy is developed by Appcelerator and the community and is Copyright © 2012-Present by Appcelerator, Inc. All Rights Reserved.
Alloy is made available under the Apache Public License, version 2. See their license file for more information.
Appcelerator is a registered trademark of Appcelerator, Inc. Titanium is a registered trademark of Appcelerator, Inc. Please see the LEGAL information about using trademarks, privacy policy, terms of usage and other legal information at http://www.appcelerator.com/legal.
FAQs
Unknown package
The npm package @geek/jsonc receives a total of 12 weekly downloads. As such, @geek/jsonc popularity was classified as not popular.
We found that @geek/jsonc demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.