Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
Package was removed
Sorry, it seems this package was removed from the registry
holojs
---------------- HoloJS Readme -----------------
-------------------------------- Win32 embedding ------------------------------
To embed a script application in a C++ Win32 project, add the following code to the WinMain function:
#include "holojs/holojs.h" #include #include <Windows.h>
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd) { std::shared_ptrHoloJs::IHoloJsScriptHost scriptHost(HoloJs::CreateHoloJsScriptHost(), &HoloJs::DeleteHoloJsScriptHost); auto configuration = HoloJs::ViewConfiguration(); scriptHost->initialize(configuration); scriptHost->startUri(L"http://holojs.azurewebsites.net/v7/vr-cubes.xrs"); return 0; }
See http://holojs.azurewebsites.net/help/win32-apps.html for more details
--------------------------------- UWP embedding -------------------------------
To embed a script application in a C++ UWP project add the following code to the main function:
[Platform::MTAThread] int main(Platform::ArrayPlatform::String^^) { auto scriptHost = ref new HoloJs::UWP::HoloJsScriptHost(); auto viewConfiguration = ref new HoloJs::UWP::ViewConfiguration(); if (scriptHost->initialize(viewConfiguration)) { auto uri = ref new Platform::String(L"http://holojs.azurewebsites.net/v7/vr-cubes.xrs"); scriptHost->startUri(uri); } return 0; }
See http://holojs.azurewebsites.net/help/uwp-apps.html for more details.
See http://holojs.azurewebsites.net/help for more details about JavaScript VR experiences with HoloJs.
Changelog: 1.3.4: Make the UWP library Microsoft Store compliant by replacing non-compliant APIs with accepted alternatives.
1.3.5: Add a SpeechRecognizer JavaScript API for enabling voice command recognition in the guest script. https://github.com/Microsoft/HoloJS/wiki/SpeechRecognizer
1.3.6: Fix unexpected closing of immersive view when running the HoloJs host in a .NET process.
1.3.7: Fix issues in SpeechRecognizer. Add free dictation mode to the SpeechRecognizer. Refer to the SpeechRecognizer wiki entry (see 1.3.5) for more information.
1.4.0: Implement spatial anchors for Windows Mixed Reality and HoloLens. Refer to the spatial anchors wiki entries for more information: https://github.com/Microsoft/HoloJS/wiki/SpatialAnchor https://github.com/Microsoft/HoloJS/wiki/SpatialAnchorStore
1.4.4: Implement more Gamepad properties; all buttons and axes supported by Mixed Reality Input Controllers are now working. Haptics is not implemented yet.
FAQs
Unknown package
We found that holojs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 27 Jul 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025