All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

What is typosquatting and how typosquatting attacks are responsible for malicious modules in npm

5y agoen

Source

SnykWhat is typosquatting and how typosquatting attacks are responsible for malicious modules in npmsnyk.io

You might also wanna read

Typosquatted npm Package Delivers Windows RAT with Encrypted C2 and Registry Persistence

A malware campaign targets Windows systems via a typosquatted npm package called postcss-minify-selector-parser, disguised as the legitimate

cybersecuritynews.com·13d ago

Security Alert: Malicious Nx Packages Published to npm Containing Credential-Stealing Code

Malicious versions of the Nx package and several supporting plugins were published to npm, containing code that scans file systems, collects

github.com·10mo ago

Microsoft uncovers npm supply chain attack stealing cloud and CI/CD credentials via typosquatted packages

Microsoft identified an active supply chain attack (Mini Shai-Hulud campaign) targeting the npm package ecosystem. On May 28, 2026, a threat

microsoft.com·1mo ago

176 malicious npm packages used dependency confusion to target internal dependencies and steal credentials

Sonatype researchers uncovered a campaign involving 176 malicious npm packages using a dependency confusion attack strategy. Attackers publi

sonatype.com·1mo ago

Post-mortem Analysis of @ctrl/tinycolor npm Supply Chain Attack via GitHub Actions

A detailed post-mortem analysis of a supply chain attack on the @ctrl/tinycolor npm package. The attack occurred when a malicious GitHub Act

sigh.dev·9mo ago

AI-Generated npm Package Leaks Its Own GitHub Token, Exposing Malware Operator

A malicious npm package named mouse5212-super-formatter, identified by OX Security, was caught leaking its own hardcoded GitHub token. This

infosecurity-magazine.com·1mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.