![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
ip-monitor
Advanced tools
Readme
A node.js library to monitor your external ip for changes
npm install ip-monitor
basic
const IpMonitor = require('ip-monitor');
const ipMonitor = new IpMonitor();
ipMonitor.on('change', (prevIp, newIp) => {
console.log(`IP changed from ${prevIp} to ${newIp}`);
});
ipMonitor.on('error', (error) => {
console.error(error);
});
ipMonitor.start();
with custom configuration
const IpMonitor = require('ip-monitor');
const ipMonitor = new IpMonitor({
pollingInterval: 36000,
verbose: true,
externalIp: {
timeout: 1000,
getIP: 'parallel',
services: ['http://ifconfig.co/x-real-ip', 'http://icanhazip.com/'],
replace: true,
verbose: true
}
});
ipMonitor.on('change', (prevIp, newIp) => {
console.log(`IP changed from ${prevIp} to ${newIp}`);
});
ipMonitor.on('error', (error) => {
console.error(error);
});
ipMonitor.start();
new IpMonitor([config])
accepts a configuration object with the following optional properties:
pollingInterval: <Integer>
: how often to poll for ip changes, default 1 dayexternalIp: <Object>
: configuration passed directly to external-ip
.start()
: start watching.stop()
: stop watching.poll()
: poll for ip manuallychange
: fired when the external ip has changed. it will also fire the first time .start()
or .poll()
are invoked.error
: typical error handling hereChange your working directory to the project's root, npm install
to get the development dependencies and then npm test
FAQs
Unknown package
We found that ip-monitor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.