localForage-memoryStorageDriver icon indicating copy to clipboard operation
localForage-memoryStorageDriver copied to clipboard

Published 20 hours ago verified publisher icon localForage

Beware typo-squatting: Package with name all lowercase was malware

Open RPCMoritz opened this issue 3 years ago • 4 comments

See this GHSA ~~My brief look at the code/npm repo indicate nothing overly untoward, there is no public discussion regarding this issue - yet it's being listed with a fairly stark warning.~~

~~Does anyone have any insights what's going on here?~~

RPCMoritz avatar Jun 21 '22 11:06 RPCMoritz

I've added it to this thread of likely similar issues.

RPCMoritz avatar Jun 21 '22 11:06 RPCMoritz

Okay, looks like classic typo-squatting - camelCase matters.

RPCMoritz avatar Jun 21 '22 11:06 RPCMoritz

Thanks for the clarification. Maybe you can keep this issue open so others can rest assured if it's a false postivie

Fonger avatar Jun 21 '22 16:06 Fonger

I've reworded it a bit, so the information is more accessible.

RPCMoritz avatar Jun 21 '22 17:06 RPCMoritz