
Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
tty-browserify
Advanced tools
The tty-browserify npm package is a version of the Node.js 'tty' module that can be used in the browser. It provides basic functionality of the Node.js 'tty' module, allowing for the emulation of terminal-related features within a web environment. This package is primarily used in bundling tools like Browserify to shim the 'tty' module when code that uses it is being prepared to run in the browser.
isatty
The 'isatty' method is used to determine if a given file descriptor is associated with a terminal. In the context of a browser, this will always return false, as the browser does not have file descriptors associated with terminals.
var tty = require('tty-browserify');
console.log(tty.isatty(1)); // always returns false in the browser
ReadStream and WriteStream
The 'ReadStream' and 'WriteStream' classes are part of the Node.js 'tty' module API. However, in the browser context, these classes do not have the same capabilities as in Node.js, and their functionality is limited or non-existent.
var tty = require('tty-browserify');
var rs = new tty.ReadStream();
var ws = new tty.WriteStream();
The 'browserify-fs' package is similar to 'tty-browserify' in that it provides a browser-compatible version of a Node.js core module, specifically the 'fs' (filesystem) module. It allows for file system operations within the browser environment using an in-memory file system.
The 'stream-browserify' package is a browser-compatible version of the Node.js 'stream' module. It provides the ability to use streams in the browser, similar to how 'tty-browserify' provides terminal-related functionality in the browser.
The 'crypto-browserify' package is a shim for the Node.js 'crypto' module that allows cryptographic functions to be used in the browser. Like 'tty-browserify', it adapts Node.js core functionality for use in a web environment.
FAQs
the tty module from node core for browsers
We found that tty-browserify demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 39 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
Research
Security News
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
Security News
AI-generated slop reports are making bug bounty triage harder, wasting maintainer time, and straining trust in vulnerability disclosure programs.