Safeguard
Tag

typosquatting

Safeguard articles tagged "typosquatting" — guides, analysis, and best practices for software supply chain and application security.

62 articles

Open Source Security

PyPI Typosquatting Detection at Scale

Typosquatting remains a steady drumbeat on PyPI. What detection actually looks like when you're trying to catch it at ecosystem scale, and where the interesting edges are.

Sep 18, 20247 min read
Supply Chain Security

Python Package Typosquatting in 2024: Scale, Tactics, and Defenses

Typosquatting on PyPI reached industrial scale in 2024, with attackers using automated tooling to register thousands of malicious package names targeting common misspellings of popular libraries.

Sep 8, 20246 min read
Open Source Security

RubyGems Typosquatting Incidents: 2024

A running ledger of typosquat incidents on RubyGems.org through 2024, the patterns across them, and what the year's data says about where the registry's defenses still fall short.

Aug 25, 20248 min read
Open Source Security

OSS Trademark Policies: Security Angle

Trademarks matter in open source security because they are the signal of authentic origin. When trademark policies fail, typosquatting, impostor forks, and compromised builds follow.

Aug 10, 20247 min read
Open Source Security

How to Detect Typosquatting in Package Installs

Build a pre-install guard that catches typosquatted npm, PyPI, and RubyGems dependencies using Levenshtein distance, download-count heuristics, and registry APIs.

Jan 15, 20245 min read
Open Source Security

Python Packaging Authority and the Security of pip install

Every pip install is a trust decision. The Python Packaging Authority has spent years hardening the ecosystem, but the attack surface remains vast and the threat actors are persistent.

Sep 15, 20237 min read
Supply Chain Attacks

Massive PyPI Malware Campaign Targets Developers with Credential Stealers

A sustained campaign flooded PyPI with hundreds of malicious packages using typosquatting and dependency confusion to steal credentials and cryptocurrency from developers.

Sep 5, 20235 min read
Supply Chain Security

Domain Squatting and Package Registry Attacks

Typosquatting and domain squatting in package registries trick developers into installing malicious packages. The attack is trivially easy to execute and remarkably effective.

Jul 5, 20236 min read
Open Source Security

The March 2023 PyPI Malware Wave

PyPI paused new user registration for most of May 20-23 after a March wave of typosquats and info-stealers flooded the index. Here is what happened and why.

Mar 28, 20235 min read
Software Supply Chain Security

Automating Typosquatting Detection for Package Registries

Typosquatting remains one of the most effective supply chain attacks. Automated detection using string distance algorithms, behavioral analysis, and registry monitoring can catch malicious packages before they reach your builds.

Mar 5, 20235 min read
Open Source Security

PyPI Malware Campaigns Surge in Q4 2022: A Roundup of the Worst Offenders

Python's package registry saw an explosion of malicious packages in late 2022, from credential stealers to reverse shells. Here's what we found.

Dec 5, 20226 min read
Software Supply Chain Security

Brand Protection on Package Registries: Defending Your Namespace

Attackers impersonate legitimate organizations on package registries through name squatting, logo theft, and metadata manipulation. Here is how to protect your brand and your users.

Nov 5, 20224 min read
typosquatting (Page 5) — Safeguard Blog