Phylum

We are tracking a large #typosquat campaign targeting the #npm ecosystem. As of this writing, 125 packages have been released in what appears to be an ongoing campaign.

https://blog.phylum.io/large-typosquat-campaign-targeting-react-and-angular/

#javascript #opensource #infosec #react #angular #cybersecurity

Large Typosquat Campaign Targeting React and Angular

Phylum is tracking a large typosquat campaign targeting the npm ecosystem. A user is currently publishing many typosquat packages masquerading as react and angular. As of this writing, 125 packages have been released in what appears to be an ongoing campaign. We are reporting these packages as we encounter them

Phylum
Sep 26, 2023 at 5:47amWeb