
Research
Malicious Go βcryptoβ Module Steals Passwords and Deploys Rekoobe Backdoor
An impersonated golang.org/x/crypto clone exfiltrates passwords, executes a remote shell stager, and delivers a Rekoobe backdoor on Linux.
@middy/core
Advanced tools
Core component of the middy framework, the stylish Node.js middleware engine for AWS Lambda
You can read the documentation at: https://middy.js.org
To install middy you can use NPM:
npm install --save @middy/core
For documentation and examples, refers to the main Middy monorepo on GitHub or Middy official website.
Everyone is very welcome to contribute to this repository. Feel free to raise issues or to submit Pull Requests.
Licensed under MIT License. Copyright (c) 2017-2026 will Farrell, Luciano Mammino, and Middy contributors.
serverless-middleware is a middleware framework for AWS Lambda functions, similar to @middy/core. It allows you to compose your Lambda functions using middleware, but it is less mature and has fewer built-in middleware options compared to @middy/core.
lambda-middleware is another middleware framework for AWS Lambda functions. It provides a similar middleware composition model as @middy/core but focuses more on simplicity and ease of use. It has a smaller community and fewer plugins compared to @middy/core.
Express is a web application framework for Node.js that provides a robust set of features for web and mobile applications. While not specifically designed for AWS Lambda, it can be used in conjunction with AWS Lambda to handle HTTP requests and middleware. It is more feature-rich and has a larger community compared to @middy/core.
FAQs
π΅ The stylish Node.js middleware engine for AWS Lambda (core package)
The npm package @middy/core receives a total of 260,374 weekly downloads. As such, @middy/core popularity was classified as popular.
We found that @middy/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago.Β It has 3 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An impersonated golang.org/x/crypto clone exfiltrates passwords, executes a remote shell stager, and delivers a Rekoobe backdoor on Linux.

Security News
npm rolls out a package release cooldown and scalable trusted publishing updates as ecosystem adoption of install safeguards grows.

Security News
AI agents are writing more code than ever, and that's creating new supply chain risks. Feross joins the Risky Business Podcast to break down what that means for open source security.