Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
catiline
Advanced tools
Readme
Catiline.js is a JavaScript library all about workers. Workers should make your life easier, not harder, and with Catiline.js launching a new worker is as simple as calling a function. It works the same across all (modern) browsers. Formerly known as Communist.js, Catiline.js is the same great library with a less controversial name.
How easy is it? var worker = cw(myFunc)
creates a worker. Send it data with var response = worker.data(YOUR DATA);
, and the response is a promise. It's that easy. For more in-depth usage, checkout the examples bellow or the
Want to use it? Grab the development version or production version from the dist folder.
For usage in addition to the API page and documentation, I wrote a blog post about Catiline.js (under its old name). Or, you can browse some demos:
Updates and changes are all in the changelog.
There is also a plugin list.
Important: the file catiline.js or catiline.min.js should be a standalone file hosted on the same domain as your web page. If you can't, or need to bundle catiline but you need it to work on IE10, Opera, and Safari, you have to host the file "SHIM_WORKER.js" on the same domain as the html file
and set the path to it in a global variable SHIM_WORKER_PATH
before you load catiline.
This grew out of my work with earlier versions of this library and my differences in opinion with Parallel.js's direction. There is also a library doing very similar things called operative.
FAQs
Multi proccessing with workers in the browser.
We found that catiline demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.