
Research
Malicious Go “crypto” Module Steals Passwords and Deploys Rekoobe Backdoor
An impersonated golang.org/x/crypto clone exfiltrates passwords, executes a remote shell stager, and delivers a Rekoobe backdoor on Linux.
cubic-timing-provider
Advanced tools
An implementation of the timing provider specification.
This is an implementation of a TimingProvider as it is defined by the Timing Object specification. It uses WebRTC to communicate between the connected clients.
This package is available on npm and can be installed by running npm's install command.
npm install timing-provider
This package exposes the TimingProvider class which can be used to instantiate
a TimingProvider.
import { TimingProvider } from 'timing-provider';
const timingProvider = new TimingProvider('aSuperSecretClientId');
The only constructor argument the TimingProvider expects is the clientId. This is unfornately necessary to do the signaling process which establishes the WebRTC connection. Currently there is no automated way to get a clientId. Please send a quick email to info@media-codings.com if you like to have a clientId for your project.
The TimingProvider can be used with the TimingObject of the timing-object package.
FAQs
An implementation of the timing provider specification.
The npm package cubic-timing-provider receives a total of 4 weekly downloads. As such, cubic-timing-provider popularity was classified as not popular.
We found that cubic-timing-provider demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An impersonated golang.org/x/crypto clone exfiltrates passwords, executes a remote shell stager, and delivers a Rekoobe backdoor on Linux.

Security News
npm rolls out a package release cooldown and scalable trusted publishing updates as ecosystem adoption of install safeguards grows.

Security News
AI agents are writing more code than ever, and that's creating new supply chain risks. Feross joins the Risky Business Podcast to break down what that means for open source security.