{"id":34619,"date":"2020-04-21T16:25:00","date_gmt":"2020-04-21T16:25:00","guid":{"rendered":"https:\/\/www.darkreading.com\/application-security\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/d\/d-id\/1337611"},"modified":"2020-04-21T16:25:00","modified_gmt":"2020-04-21T16:25:00","slug":"attackers-aim-at-software-supply-chain-with-package-typosquatting","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/","title":{"rendered":"Attackers Aim at Software Supply Chain with Package Typosquatting"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<header>\n<\/header>\n<p><span class=\"strong black\">Attackers seed Ruby Gems repository with more than 760 malicious packages using names just a bit different than the standard code libraries.<\/span> <\/p>\n<p class=\"p1\">Developers who make a simple typing mistake could find their systems compromised by malware in the latest attack on the software supply chain, say researchers at ReversingLabs, a software analysis platform provider.<\/p>\n<p class=\"p1\">The researchers analyzed the package repository for the Ruby language looking for code packages, known as Ruby Gems, submitted to the repository with names similar to existing baseline packages. They found more than 760 malicious Gems with similar names to legitimate packages had polluted the Ruby Gems repository.<\/p>\n<p class=\"p1\">The attack is similar to the typosquatting the company found in Python and the Node Package Manager repositories, says Robert Perica, principal engineer and threat analyst at ReversingLabs.<\/p>\n<p class=\"p1\">&#8220;Like other developers, when a developer mistypes a name and tries to download a package that does not exist, they expect an error that tells them that the package is not available,&#8221; he says. &#8220;But malicious actors are taking advantage of typos and delivering malware instead.&#8221;<\/p>\n<p class=\"p1\">The use of typosquatting to attempt to compromise developers&#8217; software and systems is a continuation of attacks on the software supply chain. In the past, developers mainly had to worry about keeping the packages they used up-to-date to close any vulnerabilities in their software.&nbsp;<\/p>\n<p class=\"p1\">Over the past few years, however, companies that track open source software packages have noted that attackers have focused on the components that developers often use as the basis for their applications. In 2018, for example, a popular JavaScript package in the Node Package Manager (NPM) repository known as event-stream was compromised with Bitcoin-stealing code and remained undetected for more than two months.<\/p>\n<p class=\"p1\">&#8220;The presumed attacker &#8230; reportedly offered to help maintain the library,&#8221; said Danny Grander, co-founder and security lead at software-security firm Snyk, <a href=\"https:\/\/snyk.io\/blog\/malicious-code-found-in-npm-package-event-stream\/\" target=\"_blank\" rel=\"noopener noreferrer\">in an analysis of the incident<\/a>. &#8220;Since adding libraries is a common practice, it&#8217;s easy to see how the new library was not reviewed too carefully. Furthermore, the library appears to have performed the promised functionality.&#8221;<\/p>\n<p class=\"p1\">Compromising an existing open source project is a long con that takes time, however. Typosquatting is much easier and does not require as many resources. The common attack typically focuses on creating file or domain names that are similar to common runtimes or destinations, respectively, in an attempt to catch infrequent typos. The strategy typically pays off when a large volume of requests are involved, making a low percentage mistake still amount to a reasonable number of potential victims.<\/p>\n<p class=\"p1\">In the early 2000s, for example, domain registrars <a href=\"https:\/\/www.techdirt.com\/articles\/20030905\/1635234.shtml\" target=\"_blank\" rel=\"noopener noreferrer\">began redirecting mistyped domains to their own landing pages<\/a>&nbsp;\u2014&nbsp;a move to which many privacy advocates, Internet service providers, and browser makers took exception. In 2008, Oliver Friedrichs, then a researcher for Symantec, warned that typosquatting could be used to capture sensitive emails. As an experiment, he registered 124 domains that had close spellings to US presidential candidates and found&nbsp;<a href=\"https:\/\/www.securityfocus.com\/brief\/685\" target=\"_blank\" rel=\"noopener noreferrer\">more than 1,100 connection attempts were sent to the mail handler for those domains<\/a>.<\/p>\n<p class=\"p1\">In the latest case, two developer accounts submitted different misspelled version of RubyGems, such as &#8220;atlas-client&#8221; instead of the actual &#8220;atlas_client,&#8221;&nbsp;<a href=\"https:\/\/blog.reversinglabs.com\/blog\/mining-for-malicious-ruby-gems\" target=\"_blank\" rel=\"noopener noreferrer\">according to ReversingLabs&#8217; analysis<\/a>. The malicious component installed by the fake component infects the developer&#8217;s system with persistent malware to replace any Bitcoin wallet address on the clipboard with the attacker&#8217;s wallet address, Perica says.<\/p>\n<p class=\"p1\">While most popular more than a decade ago, Ruby continues to be a relevant programming language for back-end Web developers because it powers the Ruby on Rails application framework. The language ranked No. 8 out of all programming languages in May 2016, but it has <a href=\"https:\/\/www.tiobe.com\/tiobe-index\/ruby\/\" target=\"_blank\" rel=\"noopener noreferrer\">since fallen to No. 13<\/a>, according to the ranking maintained by TIOBE, a software quality firm. Developer-knowledge site StackOverflow places the language at No. 12 with <a href=\"https:\/\/insights.stackoverflow.com\/survey\/2019#technology\" target=\"_blank\" rel=\"noopener noreferrer\">about 8% of all developers using Ruby<\/a>.<\/p>\n<p class=\"p1\">The attack against the Ruby Gems repository was fairly simple to spot because the attacker used portable executable files \u2014 not typically part of a Ruby Gem \u2014 and obvious names, such as &#8220;aaaa.png,&#8221; for the file components. A sneakier attacker could make the malware more difficult to spot, Perica says.&nbsp;<\/p>\n<p class=\"p1\">&#8220;It all depends on the level of caution that developers have in dealing with the package management frameworks,&#8221; he says. &#8220;We have to practice due diligence as developers and expect mistakes to happen.&#8221;<\/p>\n<p class=\"p3\"><strong>Related Content:<\/strong><\/p>\n<p class=\"p4\"><strong>&nbsp;<\/strong><\/p>\n<p class=\"p4\"><strong>Check out <a href=\"https:\/\/www.darkreading.com\/edge.asp\" target=\"_blank\" rel=\"noopener noreferrer\">The Edge<\/a>, Dark Reading&#8217;s new section for features, threat data, and in-depth perspectives. Today&#8217;s top story: &#8220;<a href=\"https:\/\/www.darkreading.com\/edge\/theedge\/cybersecurity-home-school-the-robot-project\/b\/d-id\/1337546\" target=\"_blank\" rel=\"noopener noreferrer\">Cybersecurity Home-School: The Robot Project<\/a>.&#8221;<\/strong><\/p>\n<p><span class=\"italic\">Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT&#8217;s Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=1161\">View Full Bio<\/a><\/span> <\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p> Read More <a href=\"https:\/\/www.darkreading.com\/application-security\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/d\/d-id\/1337611?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Attackers seed Ruby Gems repository with more than 760 malicious packages using names just a bit different than the standard code libraries. Read More <a href=\"https:\/\/www.darkreading.com\/application-security\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/d\/d-id\/1337611?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-34619","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Attackers Aim at Software Supply Chain with Package Typosquatting 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Attackers Aim at Software Supply Chain with Package Typosquatting 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-21T16:25:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Attackers Aim at Software Supply Chain with Package Typosquatting\",\"datePublished\":\"2020-04-21T16:25:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/\"},\"wordCount\":801,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/\",\"name\":\"Attackers Aim at Software Supply Chain with Package Typosquatting 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\",\"datePublished\":\"2020-04-21T16:25:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/#primaryimage\",\"url\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\",\"contentUrl\":\"https:\\\/\\\/twimgs.com\\\/nojitter\\\/darkreading\\\/dr-logo.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-aim-at-software-supply-chain-with-package-typosquatting\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Attackers Aim at Software Supply Chain with Package Typosquatting\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Attackers Aim at Software Supply Chain with Package Typosquatting 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/","og_locale":"en_US","og_type":"article","og_title":"Attackers Aim at Software Supply Chain with Package Typosquatting 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-04-21T16:25:00+00:00","og_image":[{"url":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Attackers Aim at Software Supply Chain with Package Typosquatting","datePublished":"2020-04-21T16:25:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/"},"wordCount":801,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/#primaryimage"},"thumbnailUrl":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/","url":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/","name":"Attackers Aim at Software Supply Chain with Package Typosquatting 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/#primaryimage"},"thumbnailUrl":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","datePublished":"2020-04-21T16:25:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/#primaryimage","url":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg","contentUrl":"https:\/\/twimgs.com\/nojitter\/darkreading\/dr-logo.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/attackers-aim-at-software-supply-chain-with-package-typosquatting\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Attackers Aim at Software Supply Chain with Package Typosquatting"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34619","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=34619"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34619\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=34619"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=34619"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=34619"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}