Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@reach/visually-hidden
Advanced tools
Render text that is announced to screen readers but visually hidden.
@reach/visually-hidden is a React component that allows you to hide content visually while keeping it accessible to screen readers. This is useful for providing additional context or instructions to users who rely on assistive technologies without cluttering the visual interface.
Visually Hidden Text
This feature allows you to hide text visually while keeping it accessible to screen readers. This is useful for adding extra context or instructions for screen reader users.
<VisuallyHidden>This text is hidden visually but accessible to screen readers.</VisuallyHidden>
Visually Hidden Input Labels
This feature allows you to hide input labels visually while keeping them accessible to screen readers. This ensures that forms are accessible without cluttering the visual design.
<label><VisuallyHidden>Username</VisuallyHidden><input type='text' name='username' /></label>
Docs | Source | Origin | Further reading
Provides text for screen readers that is visually hidden. It is the logical opposite of the aria-hidden
attribute.
In the following example, screen readers will announce "Save" and will ignore the icon; the browser displays the icon and ignores the text.
import VisuallyHidden from "@reach/visually-hidden";
function Example() {
return (
<button>
<VisuallyHidden>Save</VisuallyHidden>
<span aria-hidden>💾</span>
</button>
);
}
FAQs
Render text that is announced to screen readers but visually hidden.
The npm package @reach/visually-hidden receives a total of 166,187 weekly downloads. As such, @reach/visually-hidden popularity was classified as popular.
We found that @reach/visually-hidden demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.