typosquatting
Safeguard articles tagged "typosquatting" — guides, analysis, and best practices for software supply chain and application security.
62 articles
Malicious NuGet packages targeting .NET developers
A fresh wave of malicious NuGet packages is hitting .NET developers via typosquatting, MSBuild-triggered code, and IL weaving. Here's what's happening and how to respond.
Malicious Rust crates found on crates.io
Malicious crates keep surfacing on crates.io, from the rustdecimal typosquat to build-script payload attacks. Here's how the pattern works and how to defend against it.
Typosquatting on crates.io report
Safeguard's research team scanned all of crates.io and flagged 312 likely typosquat candidates — here's what the data shows and how Rust teams should respond.
Name Confusion Attacks: Typosquatting and Brandjacking
Typosquatting and brandjacking let attackers hijack trust in package names instead of writing exploits. Here's how crossenv, PyPI's 2017 campaign, and PyTorch's torchtriton breach actually worked.
How Snyk detects malicious and typosquatted open-source p...
How Snyk's research team detects malicious and typosquatted open-source packages — from name-similarity heuristics to install-script analysis and source-code provenance checks.
Anatomy of a Typosquatting Campaign: How Attackers Pick T...
Real typosquatting campaigns follow a repeatable playbook: target selection, edit-distance tricks, and install-time payloads. Here's how attackers actually pick their targets.
The Economics of Publishing Fake Packages at Scale
Publishing a malicious package costs an attacker almost nothing while payouts run into the millions. Here's the cost-benefit math behind fake packages — and how to break it.
Slopsquatting in the AI Era: Registering Packages AI Mode...
AI coding assistants hallucinate package names at rates as high as 19.7% — and attackers are registering those exact names. Here's how slopsquatting works and how to stop it.
How to Verify an npm Package Before Installing It
Five checks that take about four minutes — tarball inspection, install-script review, provenance verification, maintainer signals — before you let a new npm package run code on your machine.
What is Typo-Squatting Detection
Typo-squatting detection identifies malicious packages named one keystroke away from real ones — requets instead of requests — before they reach your build.
npm Supply Chain Attacks Q1 2025: Dependency Confusion, Typosquatting, and Maintainer Takeovers
The first quarter of 2025 saw a sharp increase in npm supply chain attacks. We catalog the major incidents and analyze the evolving techniques.
Typosquatting Meets AI: The New Threat of AI-Generated Package Names
AI code assistants recommend packages that do not exist, and attackers are registering those hallucinated names. This new typosquatting vector exploits the trust developers place in AI suggestions.