'IconBurst' supply chain attack uses typo-squatting to spread malicious Javascript packages via NPM - SC Media

Security researchers warn developers to stay on the lookout for these type of typo-squatting spoofs, which are similar to common email phishing attacks.

Researchers this week discovered IconBurst, a widespread software supply chain attack based on typo-squatting that consisted of malicious Javascript packages spread via the node package manager (NPM)… [+4426 chars]

full article...