
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
A plugin for Acmesmith and implements an automated dns-01
challenge responder using NS1 API.
With this plugin and Acmesmith, you can automate and authorize your domain hosted on NS1 Portal and request TLS certificates for the domains against Let's Encrypt and other CAs supporting the ACME protocol.
For more infromation on NS1 API - API Documentation
NS1 calls are managed by ns-1
gem see ns-1
Install acmesith-ns1
gem along with acmesmith
. You can just do gem install acmesith-ns1
or use Bundler if you want.
Use ns1
challenge responder in your acmesmith.yml
. General instructions about acmesmith.yml
is available in the manual of Acmesmith.
The mandatory options for the acmesmith.yml
(Or other file specified from command line) are:
NS1 API Token
Optional option is:
Integer
-> Where default TTL is 3600 if this option is omitted.---
directory: https://acme-v02.api.letsencrypt.org/directory
storage:
type: filesystem
path: /path/to/key/storage
challenge_responders:
- ns1:
token: "API_TOKEN" # (required)
ttl: 60 # (optional)
The gem is available as open source under the terms of the MIT License.
FAQs
Unknown package
We found that acmesmith-ns1 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.