Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
GitHub

Songbird is a secure and lightweight self-hosted chat platform designed to empower digital freedom worldwide.

This repository contains the Songbird chat application. The server uses a file-backed SQLite database via sql.js and the client is built with React + Vite. Songbird supports DMs, groups, channels, ...