
A Ruby gem to integrate with the Irish Companies Registration Office's API. You can register for an API account with the CRO via their signup page.
Install the gem
gem install cro
Configure your API details:
CRO::Config.email = "Your email address"
CRO::Config.api_key = "Your API key"
You can then search on companies with
CRO::API.new.search("Company Name", search_type)
The different search_types are:
1 = Exact match (will give very few results usually)
2 = Starts with this phrase (default)
3 = Contains this phrase (slowest, but more results)
This returns an array of results, which you can access like this:
@results = CRO::API.new.search("Starbucks", 3)
@results.each do |result|
  puts result["company_name"]
end
# Results
# STARBUCKS COFFEE COMPANY (IRELAND) LIMITED
# STARBUCKS COFFEE CORPORATION LIMITED
# STARBUCKS COFFEE SHOPS LIMITED
You can also search a company's submissions for official documents. The CRO defines the company type as "c" for company or "b" for business.
CRO::API.new.submissions("company_number", "company_type")
An example of which:
@submissions = CRO::API.new.submissions("397373", "c")
@submissions.each do |submission|
  puts submission["sub_type_desc"]
end
-> B10 CHANGE IN DIRECTOR OR SECRETARY
-> B5 RETURN OF ALLOTMENTS
-> G2- OR INCREASE IN NOMINAL SHARE
-> G2- OR INCREASE IN NOMINAL SHARE
-> G2- OR INCREASE IN NOMINAL SHARE
These calls all currently return JSON results from the response.
You can view more details about any one submission with:
@submission = CRO::API.new.get_submission("6191121", "2")
puts @submission["scan_date"]
-> "2008-11-01T08:54:43Z"
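An added example, not part of the gem or its README: a thin wrapper that loads the credentials from environment variables instead of source code and rejects search types and company types outside the values listed above before any request is made. The `CheckedCRO` module, the `CRO_EMAIL` and `CRO_API_KEY` variable names, and the stub classes are assumptions of this example; in real use pass `CRO::Config` and `CRO::API.new`.

```ruby
# Added example (hypothetical names): checked wrapper around the documented calls.
module CheckedCRO
  SEARCH_TYPES  = { exact: 1, starts_with: 2, contains: 3 }.freeze # values from the README
  COMPANY_TYPES = %w[c b].freeze # "c" = company, "b" = business

  # Copy credentials from the environment into a config object (CRO::Config in
  # real use) so the API key never lives in source control.
  # CRO_EMAIL / CRO_API_KEY are variable names assumed by this example.
  def self.configure_from_env(config, env = ENV)
    email = env["CRO_EMAIL"].to_s.strip
    key   = env["CRO_API_KEY"].to_s.strip
    raise ArgumentError, "CRO_EMAIL and CRO_API_KEY must be set" if email.empty? || key.empty?
    config.email   = email
    config.api_key = key
    config
  end

  # Map a symbolic search type to its numeric code; reject anything else.
  def self.search(client, name, type = :starts_with)
    code = SEARCH_TYPES.fetch(type) { raise ArgumentError, "unknown search type: #{type.inspect}" }
    name = name.to_s.strip
    raise ArgumentError, "company name is empty" if name.empty?
    client.search(name, code)
  end

  # Assumption: company numbers are digits only, as in the README example.
  def self.submissions(client, number, type = "c")
    number = number.to_s
    raise ArgumentError, "company number must be digits" unless number.match?(/\A\d+\z/)
    raise ArgumentError, "company type must be c or b" unless COMPANY_TYPES.include?(type)
    client.submissions(number, type)
  end
end

# Constructed stand-ins so the example runs offline without the gem or network.
StubConfig = Struct.new(:email, :api_key)
class StubClient
  def search(name, type)
    [{ "company_name" => "#{name.upcase} (type #{type})" }]
  end

  def submissions(number, type)
    [{ "sub_type_desc" => "constructed #{number}/#{type}" }]
  end
end

cfg = CheckedCRO.configure_from_env(StubConfig.new, "CRO_EMAIL" => "me@example.com", "CRO_API_KEY" => "placeholder")
puts cfg.email
puts CheckedCRO.search(StubClient.new, "Starbucks", :contains).first["company_name"]
```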
Built by MiniCorp. It is free software, and may be redistributed under the terms specified in the MIT-LICENSE file.
FAQs
Unknown package
We found that cro demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.