Sabotage: Code added to popular NPM package wiped files in Russia and Belarus Logo

Sabotage: Code added to popular NPM package wiped files in Russia and Belarus

0
Free
Visit Website

A developer has been caught adding malicious code to a popular open-source package that wiped files on computers located in Russia and Belarus as part of a protest that has enraged many users and raised concerns about the safety of free and open source software. The application, node-ipc, adds remote interprocess communication and neural networking capabilities to other open source code libraries. As a dependency, node-ipc is automatically downloaded and incorporated into other libraries, including ones like Vue.js CLI, which has more than 1 million weekly downloads. A deliberate and dangerous act Two weeks ago, the node-ipc author pushed a new version of the library that sabotaged computers in Russia and Belarus, the countries invading Ukraine and pro

FEATURES

ALTERNATIVES

A multithreaded YARA scanner for incident response or malware zoos.

A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.

A tool that executes programs in memory from various sources

A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases

A Python script for scanning data within an IDB using Yara

Collection of slides, materials, demos, crackmes, and writeups from r2con-2017 conference.

Java code implementing the AutoYara algorithm for automatic Yara rule generation from input samples.

Identifies 137 malicious npm packages and gathers system information to a remote server.

PINNED