
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
crossid-auth-widgets
Advanced tools
Embeddable auth widgets, written in Javascript for Crossid
Have a bug, feature request or feedback? Please first search for existing and closed issues. If your problem or idea is not addressed yet, please open a new issue.
The main purpose of this repository is to continue evolving crossid-auth-widgets, making it more secure and easier to use. Development of this library happens in the open on GitHub, and we are grateful to the community for contributing bugfixes and improvements. Read below to learn how you can take part in improving crossid-auth-widgets.
The Crossid team takes security issues very seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
To report a security issue, email security@crossid.io.
We'll endeavor to respond quickly, and will keep you updated throughout the process.
Crossid can:
This project is licensed under the MIT license.
FAQs
Crossid auth widgets.
The npm package crossid-auth-widgets receives a total of 17 weekly downloads. As such, crossid-auth-widgets popularity was classified as not popular.
We found that crossid-auth-widgets demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.