Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
node-raspberrypi-usbboot
Advanced tools
Transforms Raspberry Pi Compute Modules and Zeros to mass storage devices.
Transforms Raspberry Pi Compute Modules and Zeros to mass storage devices.
For usage, see the example.
On most GNU/Linux distributions, you'll need to run this as root.
Import UsbbootScanner
, instanciate it, then on the instance attach the following event listeners:
attach
: a device was connected and we started transforming it to a mass storage device;detach
: a device was detached, note that this could mean that it was physically detached or that it was successfully transformed into a mass storage device;error
: an error occured.The attach
and detach
event listeners will get a UsbbootDevice
as parameter. This object will emit progress
events which parameter is the percentage of completion.
The progress will be 100
when the device reattaches itself as a mass storage device. This will be followed by a detach
event from the UsbbootScanner
(because the device
will no longer be a usbboot device).
This is heavily based on Raspberry Pi USB booting code.
It should support Raspberry Pi Compute Modules and Raspberry Pi Zeros.
This module will upload a slightly more complex kernel to the pis than the original code above, it allows the devices to reach higher write speeds at the cost of a longer preparation phase.
If you have any trouble using this module, please check if it works with the original usb boot link above.
You can enable debug output by setting the DEBUG
env var to node-raspberrypi-usbboot
.
FAQs
Transforms Raspberry Pi Compute Modules and Zeros to mass storage devices.
The npm package node-raspberrypi-usbboot receives a total of 3,100 weekly downloads. As such, node-raspberrypi-usbboot popularity was classified as popular.
We found that node-raspberrypi-usbboot demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.