![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@titanium/appcelerator
Advanced tools
Readme
This is an attempt to create a dual installer for Appcelerator AND Titanium that will work after the End-of-Life (EOL) for this Axway Amplify product.
This project will also update product with security patches to reduce vulnerabilities that might exist.
This is the installer for the Appcelerator Platform software stack.
Install globally using npm such as (if using Windows, don't use sudo prefix):
$ [sudo] npm install appcelerator -g
This adds two binary executable commands: appcelerator
or the shortcut appc
.
Once installed, you should run setup such as:
$ appc setup
This will install the latest version of the Appcelerator Platform tooling. Once installed, you can then run the various commands. To get a valid list of commands, run help:
$ appc help
By default, the latest downloaded version will be used. You can switch to a newer or older version with the use command:
$ appc use 1.2.0
This will switch the active version to 1.2.0. If you don't have this version installed locally, it will fetch this version and download it.
To get a list of all the available versions for download:
$ appc use
The following versions are available:
0.0.97 Installed (Latest) (Active) Sat Dec 27 2014 22:37:03 GMT-0800 (PST)
0.0.96 Installed Sat Dec 27 2014 17:32:16 GMT-0800 (PST)
This code is Confidential and Proprietary to Appcelerator, Inc. All Rights Reserved. This code MUST not be modified, copied or otherwise redistributed without express written permission of Appcelerator. This file is licensed as part of the Appcelerator Platform and governed under the terms of the Appcelerator license agreement. Your right to use this software terminates when you terminate your Appcelerator subscription.
FAQs
Unknown package
The npm package @titanium/appcelerator receives a total of 12 weekly downloads. As such, @titanium/appcelerator popularity was classified as not popular.
We found that @titanium/appcelerator demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.