
Research
/Security News
Chrome and Firefox Extensions Posing as Free VPNs Add Clipboard Stealers via Malicious Updates
Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.
blind-push-gateway
Advanced tools
POC - This is a proof-of-concept still. Breaking changes possible till the V1 release.
P2P push notification gateway for blind-peer clients. The service exposes a forward-push RPC method over Hyperswarm, converts the request into Android/APNS payloads, and forwards it through an external push provider such as Firebase Cloud Messaging.
npm install blind-push-gateway
Create a config file at ~/.blind-push-gateway/config.json:
{
"certPath": "./service-account.json",
"notification": {
"title": "Keet",
"body": "✉️"
},
"apnsTopic": "io.keet.app"
}
Then run:
blind-push-gateway run
The service will log its public key on startup. Clients can connect to that swarm key and send forward-push RPC requests.
protomux-rpc-router.forward-push request encoded with blind-push/encodings.blind-push-gateway run [options]
--config|-c [path]: config path, defaults to ~/.blind-push-gateway/config.json--storage|-s [path]: storage path, defaults to ~/.blind-push-gateway/storageconst service = new BlindPushGateway(swarm, router, externalPushService, opts)Create a new gateway service.
swarm: Hyperswarm instancerouter: ProtomuxRPCRouter instanceexternalPushService: object with an async send(message) methodopts.notification: default notification payload, defaults to { title: 'Keet', body: '✉️' }opts.apnsTopic: APNS topic, defaults to io.keet.appawait service.ready()Start the gateway and begin listening for RPC connections.
await service.close()Gracefully shut down the gateway.
service.publicKeyThe swarm public key clients use to connect.
FAQs
P2P Push notification gateway that work with blind-peer
The npm package blind-push-gateway receives a total of 19 weekly downloads. As such, blind-push-gateway popularity was classified as not popular.
We found that blind-push-gateway demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.

Research
/Security News
Miasma Mini Shai-Hulud hits @immobiliarelabs Backstage plugins, targeting GitLab and LDAP auth packages on npm.

Security News
Rolldown paused Rust React Compiler integration after a 5MB binary size increase raised concerns about shipping React-specific code to all Vite users.