GHSA-97m3-w2cp-4xx6
es5-ext
GHSA-97m3-w2cp-4xx6 | es5-ext
---|---
13 | 10
- | 172
- | -
- | 6.6
- | 7 months ago
JavaScript |
- | ISC License
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
GHSA-97m3-w2cp-4xx6

Selecting the Right Dependencies: A Comprehensive Practical Guide
How safe is it to use? It may sound like fiction, but yes, dependencies can be dangerous. For example, an interesting feature was added to a library with 500k downloads: it tries to replace all files on the computer with ❤️ if your IP address falls within a specific range.
- Embedded Malicious Code in node-ipc
- Open Source Maintainer Sabotages Code to Wipe Russian, Belarusian Computers

With the recent scandal over the 'node-ipc' package, is Composer also vulnerable like this? Is there any security measure in Composer to prevent this type of attack?
Source: CVE-2022-23812
- CVE-2022-23812 - Embedded Malicious Code in node-ipc - The package node-ipc versions 10.1.1 and 10.1.2 are vulnerable to embedded malicious code that was introduced by the maintainer. The malicious code was intended to overwrite arbitrary files on Russian systems
- My entire PC got wiped. Do not download
- NPM supply chain attack - Wipes your disk if you have a Russian/Byelorussian IP

Ukraine Invasion Megathread #3
I have not audited the malicious code myself, so you might be right; I'm going by the CVE reports that say it does this to arbitrary files.
es5-ext

core-js: Don't send funds to russia
Don't tell me he's a victim of the regime. When other library authors add banners about the war in Ukraine, he does not like it: https://github.com/medikoo/es5-ext/issues/116 https://github.com/mdn/content/pull/18946 And the comments about Poland becoming "Russia Poland People's Republic" don't look like a victim: https://github.com/medikoo/es5-ext/issues/116#issuecomment-1066989820 https://monosnap.com/file/zZl6PrsxPTCtI0qx9XH6AZSb19eX6t Likewise the comments about "Ukraine hit Donetsk with Tochka-U": https://github.com/medikoo/es5-ext/issues/116#issuecomment-1068768522 https://monosnap.com/file/bczy9oIIMSKz48P6K4MlkttrJ5jo5C

Just installed Brackets 2.1.2 and my antivirus flagged a file in the Brackets install directory as malicious
P.S. if you open the file in a text editor, you can see the soyness in all its glory. It's this little bitch, BTW

Malware False Positive?
It's a false positive, it's just - https://github.com/medikoo/es5-ext

Tell HN: Russian antivirus flags NPM package as malicious for logged message
The popular npm package es5-shim checks location on install and logs a Russian call for peace for Russian users.
Kaspersky (Russian AV) flags this file as a virus.
https://github.com/medikoo/es5-ext/blob/main/_postinstall.js

Kaspersky Internet Security deleted a file containing an anti-war message???
I noticed Kaspersky on my Mac deleted a file, and I saw that file was from a lib used in a work project. I got curious and looked at the file, and it included an anti-war message... I can't tell if Kaspersky deleted it by mistake, thinking it's malware, or if Kaspersky is being nefarious. The message is in Japanese, but it just says "a file has been deleted" and lists the path. This is the file it deleted: https://github.com/medikoo/es5-ext/blob/main/_postinstall.js
- Protestware – PR-184 for ES5-ex5

Embedded Malicious Code in node-ipc
Other projects adopted a non-malicious approach, where they publish anti-war manifests: https://github.com/medikoo/es5-ext/blob/main/_postinstall.js
- Ukraine invasion messaging is being added to popular JS libraries

Protestware: "peacenotwar" NPM package drops anti-war message on user's desktop
Yet another manifest found in es5-ext: https://github.com/medikoo/es5-ext/issues/116
What are some alternatives?
peacenotwar - Attempts to determine if the computer it's running on has an IP originating from Russia or Belarus. If it does, then depending on the version of the malware it either attempts to delete all files on the computer or creates a text file on the computer's desktop protesting the war in Ukraine.
protestware-list
node-ipc - A nodejs module for local and remote Inter Process Communication (IPC), Neural Networking, and able to facilitate machine learning.
Symfony - The Symfony PHP framework
node-ipc - Drop-in fork of `node-ipc`.
vue-cli - 🛠️ webpack-based tooling for Vue.js Development
content - The content behind MDN Web Docs