Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
This is a high-level async Python SDK for BSH Home Connect API. The API allows monitoring and controlling home appliances manufactured by BSH under brnad names such as Bosch, Siemens, Gaggenau and Neff.
The SDK connects to the Home Connect API and retrieves all the data associated with the logged-in account, which is made available under the SDK's data model. Afterwards, the SDK maintains an up-to-date state by subscribing to receive real time updates from the API.
This API provides access to home appliances enabled by Home Connect (https://home-connect.com). Through the API programs can be started and stopped, or home appliances configured and monitored. For instance, you can start a cotton program on a washer and get a notification when the cycle is complete.
To get started with this web client, visit https://developer.home-connect.com and register an account. An application with a client ID for this API client will be automatically generated for you.
This SDK is was not created by BSH and is not affiliated with it in any way.
This SDK is licensed under the MIT license.
FAQs
Async SDK for BSH Home Connect API
We found that home-connect-async demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.