
Research
/Security News
60 Malicious Ruby Gems Used in Targeted Credential Theft Campaign
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
it-multipart
Advanced tools
Async iterable http multipart message parser
$ npm i it-multipart
import http from 'http'
import multipart from 'it-multipart'
http.createServer(async (req, res) => {
if (req.method === 'POST' && req.headers['content-type']) {
for await (const part of multipart(req)) {
console.log(`part with HTTP headers ${part.headers}`)
// nb. part.body must be consumed before the next part is emitted
for await (const chunk of part.body) {
console.log(`part with content ${part.name} contents:`, chunk.toString())
}
}
console.log('finished parsing')
res.writeHead(200)
res.end()
}
res.writeHead(404)
res.end()
}).listen(5001, () => {
console.log('server listening on port 5001')
})
Licensed under either of
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
FAQs
Async iterable http multipart message parser
The npm package it-multipart receives a total of 774 weekly downloads. As such, it-multipart popularity was classified as not popular.
We found that it-multipart demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.
Research
/Security News
Two npm packages masquerading as WhatsApp developer libraries include a kill switch that deletes all files if the phone number isn’t whitelisted.