attacker_present_helloworld
Advanced tools
Supply Chain Security
Vulnerability
Quality
Maintenance
License
Known malware
Supply chain riskThis package is malware. We have asked the package registry to remove it.
Found 2 instances in 1 package
Unpopular package
QualityThis package is not very popular.
Found 1 instance in 1 package
AI-detected possible typosquat
Supply chain riskThere is a package with a similar name that is downloaded much more often.
| Did you mean |
|---|
cordova-app-hello-world |
This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
Please refer to www.npmjs.com/advisories?search=attacker_present_helloworld for more information.
FAQs
security holding package
The npm package attacker_present_helloworld receives a total of 0 weekly downloads. As such, attacker_present_helloworld popularity was classified as not popular.
We found that attacker_present_helloworld demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Vite releases Rolldown-Vite, a Rust-based bundler preview offering faster builds and lower memory usage as a drop-in replacement for Vite.
Research
Security News
A malicious npm typosquat uses remote commands to silently delete entire project directories after a single mistyped install.
Research
Security News
Malicious PyPI package semantic-types steals Solana private keys via transitive dependency installs using monkey patching and blockchain exfiltration.
