
Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
Conbine is a subset of ConboJS for use in combination with your favourite view framework, including React, or server-side applications using Node.js.
The library enables developers to add features including an event bus, command pattern and property injection, supported by an easy to use event model, while only adding around 3KB to your project when minified and gzipped.
FAQs
A subset of ConboJS for use with your favourite view framework
The npm package conbine receives a total of 82 weekly downloads. As such, conbine popularity was classified as not popular.
We found that conbine demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
Research
Security News
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
Security News
AI-generated slop reports are making bug bounty triage harder, wasting maintainer time, and straining trust in vulnerability disclosure programs.