Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
smartling-api-sdk-nodejs
Advanced tools
Smartling Translation API
This repository contains the Nodejs SDK for accessing the Smartling Translation API.
The Smartling Translation API lets developers to internationalize their website or app by automating the translation and integration of their site content. Developers can upload resource files and download the translated files in a language of their choosing. There are options to allow for professional translation, community translation and machine translation.
For a full description of the Smartling Translation API, please read the docs at: http://docs.smartling.com
Bug tracker
Have a bug? Please create an issue here on GitHub!
https://github.com/Smartling/api-sdk-nodejs/issues
Hacking
To get source code, clone the repo:
git clone git@github.com:Smartling/api-sdk-nodejs.git
Then compile the javascript:
npm install && npm run build
To contribute, fork it and follow general GitHub guidelines with pull request.
FAQs
Package for Smartling API
The npm package smartling-api-sdk-nodejs receives a total of 60,865 weekly downloads. As such, smartling-api-sdk-nodejs popularity was classified as popular.
We found that smartling-api-sdk-nodejs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 31 Aug 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025