
Research
/Security News
60 Malicious Ruby Gems Used in Targeted Credential Theft Campaign
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
(Previously known as es5-ext
)
Non-standard or soon to be standard language utilities in a future proof, non-invasive form.
Doesn't enforce transpilation step. Where it's applicable utilities/extensions are safe to use in all ES3+ implementations.
npm install ext
globalThis
Function
Math
Object
Promise
String
String.prototype
Thenable.prototype
FAQs
JavaScript utilities with respect to emerging standard
The npm package ext receives a total of 5,590,814 weekly downloads. As such, ext popularity was classified as popular.
We found that ext demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.
Research
/Security News
Two npm packages masquerading as WhatsApp developer libraries include a kill switch that deletes all files if the phone number isn’t whitelisted.