Beware the Package Typosquatting Supply Chain Attack

Attackers are mimicking the names of existing packages on public registries in hopes that users or developers will accidentally download these malicious packages instead of legitimate ones.
This post appeared first on Dark Reading
Author: Kim Lewandowski & Bentz Tozer Product Manager, Google Security / Senior Member of Technical Staff, Cyber Practice, In-Q-Tel