Beware the Package Typosquatting Supply Chain Attack
from DarkReading 18 March indexed on 18 March 2021 20:01Attackers are mimicking the names of existing packages on public registries in hopes that users or developers will accidentally download these malicious packages instead of legitimate ones.
Read more.