Thread - Nostr Hypermedia

Vyram Kraven vyramk@nostrcheck.me 3 months ago

Yeah electron is bad.

There’s a New Stealer Variant in Town, and It’s Using Electron to Stay Fully Undetected

Our threat research team recently uncovered new npm packages that are used to download a new info-stealer variant that uses the popular Electron fr...

https://cybermaterial.com/hackers-use-electron-for-infostealer-malware/

GitHub - jonmest/How-To-Tamper-With-Any-Electron-Application: This work-in-progress outlines known vulnerabilities in the Electron framework, and how they may be abused to create dangerous exploits.

This work-in-progress outlines known vulnerabilities in the Electron framework, and how they may be abused to create dangerous exploits. - jonmest/...

↑ Parent

Replies (2)

Neigsndoig IQ 120 neigsendoig@nostrcheck.me 3 months ago

I use some Electron apps myself, but only if they're local-first like Obsidian. I rarely use Electron anyway.

1 replies ↓

Vyram Kraven vyramk@nostrcheck.me 3 months ago

https://www.virusbulletin.com/uploads/pdf/conference/vb2023/papers/Abusing-Electron-based-applications-in-targeted-attacks.pdf

Hunting Common Misconfigurations in Electron Apps - Part 1 | Cobalt

Discover common misconfigurations in Electron apps that can lead to security vulnerabilities, and learn how to secure your applications effectively.

↑