
Research
Malicious Go “crypto” Module Steals Passwords and Deploys Rekoobe Backdoor
An impersonated golang.org/x/crypto clone exfiltrates passwords, executes a remote shell stager, and delivers a Rekoobe backdoor on Linux.
homebridge-esp8266leds
Advanced tools
Homebridge plugin to control LEDS with this firmware https://github.com/rvt/esp8266leds
An homebridge plugin that create an HomeKit Lightbulb that will work together with https://github.com/rvt/esp8266leds
A lot of EPS8266 let example I found use on/or or use 256 level RGB model. I wanted something more accurate when it came to color reproduction and better control over dimming. esp8266 leds uses floating point math (floating point math on esp8266 is extreemly fast), uses cie1931 curve for dimming and uses a RGB map for color reproduction so that yellows are more yellow, and oranges, look more natural. Dimming can be done in 2047 level instead of 256 as much other libraries use.
So for example when implementing a wake up light we get very gradual light incresements from very orange to light yellows.
Follow the instruction in homebridge for the homebridge server installation. The plugin is published through NPM and should be installed "globally" by typing:
npm install -g homebridge-esp8266leds
Version 0.0.1
Version 1.0.0
Remember to configure the plugin in config.json in your home directory inside the .homebridge directory. Configuration parameters: the URL, username and password is for your MQTT login.
{
"accessory": "esp8266leds",
"name": "Bed Light",
"url": "http://localhost:1883",
"username": "<USERNAME>",
"password": "<PASSWORD>",
"caption": "Bed Light",
"baseTopic": "RGBW/00AD4715"
}
FAQs
Homebridge plugin to control LEDS with this firmware https://github.com/rvt/esp8266leds
We found that homebridge-esp8266leds demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An impersonated golang.org/x/crypto clone exfiltrates passwords, executes a remote shell stager, and delivers a Rekoobe backdoor on Linux.

Security News
npm rolls out a package release cooldown and scalable trusted publishing updates as ecosystem adoption of install safeguards grows.

Security News
AI agents are writing more code than ever, and that's creating new supply chain risks. Feross joins the Risky Business Podcast to break down what that means for open source security.