typosquatting
Safeguard articles tagged "typosquatting" — guides, analysis, and best practices for software supply chain and application security.
62 articles
PyPI Typosquatting Detection at Scale
Typosquatting remains a steady drumbeat on PyPI. What detection actually looks like when you're trying to catch it at ecosystem scale, and where the interesting edges are.
Python Package Typosquatting in 2024: Scale, Tactics, and Defenses
Typosquatting on PyPI reached industrial scale in 2024, with attackers using automated tooling to register thousands of malicious package names targeting common misspellings of popular libraries.
RubyGems Typosquatting Incidents: 2024
A running ledger of typosquat incidents on RubyGems.org through 2024, the patterns across them, and what the year's data says about where the registry's defenses still fall short.
OSS Trademark Policies: Security Angle
Trademarks matter in open source security because they are the signal of authentic origin. When trademark policies fail, typosquatting, impostor forks, and compromised builds follow.
How to Detect Typosquatting in Package Installs
Build a pre-install guard that catches typosquatted npm, PyPI, and RubyGems dependencies using Levenshtein distance, download-count heuristics, and registry APIs.
Python Packaging Authority and the Security of pip install
Every pip install is a trust decision. The Python Packaging Authority has spent years hardening the ecosystem, but the attack surface remains vast and the threat actors are persistent.
Massive PyPI Malware Campaign Targets Developers with Credential Stealers
A sustained campaign flooded PyPI with hundreds of malicious packages using typosquatting and dependency confusion to steal credentials and cryptocurrency from developers.
Domain Squatting and Package Registry Attacks
Typosquatting and domain squatting in package registries trick developers into installing malicious packages. The attack is trivially easy to execute and remarkably effective.
The March 2023 PyPI Malware Wave
PyPI paused new user registration for most of May 20-23 after a March wave of typosquats and info-stealers flooded the index. Here is what happened and why.
Automating Typosquatting Detection for Package Registries
Typosquatting remains one of the most effective supply chain attacks. Automated detection using string distance algorithms, behavioral analysis, and registry monitoring can catch malicious packages before they reach your builds.
PyPI Malware Campaigns Surge in Q4 2022: A Roundup of the Worst Offenders
Python's package registry saw an explosion of malicious packages in late 2022, from credential stealers to reverse shells. Here's what we found.
Brand Protection on Package Registries: Defending Your Namespace
Attackers impersonate legitimate organizations on package registries through name squatting, logo theft, and metadata manipulation. Here is how to protect your brand and your users.