
Security News
Nx npm Packages Compromised in Supply Chain Attack Weaponizing AI CLI Tools
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.
Menulab.RichTextBox
Advanced tools
RichTextBox is a freeware RichTextEditor asp.net server control. It is not as full featured as CKEditor or TinyMCE, but it may be the worlds most advanced fully embedded rich text editor freeware asp.net control (no dangling javascript files). RichTextBox have the usual buttons, design and or html view, byte, letter & word counters, it supports multiple instances on the same page and can be configured in many ways, eg. which rich abilities (buttons) to include, using counters to restrict input, where to put user upload and many many more. In addition RichTextBox can also be embedded into your own server controls (fully free).
Supply Chain Security
Vulnerability
Quality
Maintenance
License
Unpopular package
QualityThis package is not very popular.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.
Security News
CISA’s 2025 draft SBOM guidance adds new fields like hashes, licenses, and tool metadata to make software inventories more actionable.
Security News
A clarification on our recent research investigating 60 malicious Ruby gems.