
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
@r2don/react-naver-map
Advanced tools
네이버 맵을 리액트에서 사용하기 편하게 만들어 둔 라이브러리입니다.
# with npm
npm i @r2don/react-naver-map
# with yarn
yarn add @r2don/react-naver-map
# with pnpm
pnpm add @r2don/react-naver-map
기본 스타일이 적용되어있지 않으니, 필요에 맞게 width와 height를 적용해주세요.
import { Map, useNaverMapInit, Marker } from '@r2don/react-naver-map'
const MARKERS = [
{latitude: 37., longitude: 127},
{latitude: 37.5, longitude: 127.5},
{latitude: 38, longitude: 128},
{latitude: 38.5, longitude: 128.5},
]
function App () {
const {isLoaded} = useNaverMapInit();
if(!isLoaded) return null;
return (
<Map center={{latitude: 37.3595704, longitude: 127.105399}} style={{height: '500px', width: '500px'}}>
{MARKERS.map((marker) => <Marker key={JSON.stringify(marker)} position={marker} />)}
</Map>
);
}
Licensed under the MIT License, Copyright (c) 2022 r2don.
See LICENSE for more information.
FAQs
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.