
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
aws-ssl-profiles
Advanced tools
AWS RDS SSL Certificates Bundles.
Table of Contents
npm install --save aws-ssl-profiles
const mysql = require('mysql');
const awsCaBundle = require('aws-ssl-profiles');
// mysql connection
const connection = mysql.createConnection({
//...
ssl: awsCaBundle,
});
// mysql connection pool
const pool = mysql.createPool({
//...
ssl: awsCaBundle,
});
const mysql = require('mysql2');
const awsCaBundle = require('aws-ssl-profiles');
// mysql2 connection
const connection = mysql.createConnection({
//...
ssl: awsCaBundle,
});
// mysql2 connection pool
const pool = mysql.createPool({
//...
ssl: awsCaBundle,
});
const pg = require('pg');
const awsCaBundle = require('aws-ssl-profiles');
// pg connection
const client = new pg.Client({
// ...
ssl: awsCaBundle,
});
// pg connection pool
const pool = new pg.Pool({
// ...
ssl: awsCaBundle,
});
ssl
optionsUsing AWS SSL Profiles with custom ssl
options:
{
// ...
ssl: {
...awsCaBundle,
rejectUnauthorized: true,
// ...
}
}
{
// ...
ssl: {
ca: awsCaBundle.ca,
rejectUnauthorized: true,
// ...
}
}
const { proxyBundle } = require('aws-ssl-profiles');
{
// ...
ssl: proxyBundle,
}
AWS SSL Profiles is under the MIT License.
Please check the SECURITY.md.
Please check the CONTRIBUTING.md for instructions.
FAQs
AWS RDS SSL certificates bundles.
The npm package aws-ssl-profiles receives a total of 1,433,678 weekly downloads. As such, aws-ssl-profiles popularity was classified as popular.
We found that aws-ssl-profiles demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.