Security news aggregator

Latest coverage for Typosquatting

Stay vigilant against typosquatting threats with the latest news, prevention tips, and expert insights on our dedicated information security tag page.

27 headlines in this view

Typosquatting

Typosquatting is the practice of registering domain names that closely resemble those of well-known websites, with the intention of capturing users who make typographical errors when entering a web address. This can involve variations such as common misspellings, switching characters, adding or subtracting characters, or using different top-level domains (e.g., .com, .net, .org).

In the context of information security, typosquatting is a form of social engineering that exploits human error to redirect users to potentially malicious websites. These rogue sites may mimic the design of the intended site to deceive visitors into providing sensitive information such as login credentials, personal data, or credit card details. It is also used to distribute malware or for advertising revenue. Defending against typosquatting involves awareness training, secure browsing practices, and the use of protective software that can alert users to suspicious web addresses.

Showing 20 most recent headlines of 27 Filtered view

Microsoft Security Research 5 days, 20 hours ago

Typosquatted npm packages used to steal cloud and CI/CD secrets

The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack chain, detection opportunities, and mitigation guidance to help organizations identify and disrupt related activity. The post Typosquatted npm packages used to steal cloud and CI/CD secrets appeared first on Microsoft Security Blog.

More from Microsoft Security Research 29 May 2026, 3:04 p.m. Incident · 8 stories Cloud Credentials Microsoft Mitigation Node.js Report Theft Typosquatting

Info Security Magazine 6 days, 7 hours ago

Attackers Move Past Typosquatting to Realistic Package Impersonation

Most malicious open source packages now mimic real code rather than rely on typosquatting

More from Info Security Magazine 29 May 2026, 3:30 a.m. Incident · 2 stories Impersonation Open Source Typosquatting

The Hacker News 2 weeks ago

Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem

AI-generated lookalike domains are now embedded inside the third-party scripts running on your web properties. Here's why your current stack can't see them, and what detection actually requires

More from The Hacker News 20 May 2026, 10:30 p.m. Incident · 2 stories Artificial Intelligence CISO Supply Chain Typosquatting

Dark Reading 1 month, 3 weeks ago

APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials

The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.

More from Dark Reading 14 Apr 2026, 3:08 a.m. Amazon Web Services Azure Backdoor China Cloud Credentials Google Typosquatting

The Hacker News 2 months ago

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT

More from The Hacker News 1 Apr 2026, 12:46 a.m. China Cryptocurrency E-commerce Encryption Fake Impersonation Remote Access Trojan Tools Trojan Typosquatting VPN Video

Bleeping Computer 5 months, 1 week ago

Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the 'Cosmali Loader'. [...]

More from Bleeping Computer 25 Dec 2025, 6:44 a.m. Fake Impersonation Malware Microsoft PowerShell Tools Typosquatting

Bank Info Security 6 months ago

Scattered Lapsus$ Hunters Tied to Targeting of Zendesk Users

Uncovered: Typosquatted Domains Linked to Suspected Ransomware Group CampaignContinuing its targeting of customer data, the cybercrime group Scattered Lapsus$ Hunters appears to be gearing up for large-scale attacks involving typosquatted domains that lead to phishing domains designed to steal Zendesk users' valid credentials, warn security researchers.

More from Bank Info Security 29 Nov 2025, 10:30 a.m. Credentials Lapsus Phishing Ransomware Research Theft Typosquatting

The Register 8 months ago

One line of malicious npm code led to massive Postmark email heist

MCP plus open source plus typosquatting … what could possibly go wrong? A fake npm package posing as Postmark's MCP (Model Context Protocol) server silently stole potentially thousands of emails a day by adding a single line of code that secretly copied outgoing messages to an attacker-controlled address.…

More from The Register 30 Sep 2025, 9:44 a.m. Email Fake Node.js Open Source Typosquatting

Bleeping Computer 1 year ago

Fake Zenmap. WinMRT sites target IT staff with Bumblebee malware

The Bumblebee malware SEO poisoning campaign uncovered earlier this week aimpersonating RVTools is using more typosquatting domainsi mimicking other popular open-source projects to infect devices used by IT staff. [...]

More from Bleeping Computer 25 May 2025, 2:26 a.m. Fake Malware Open Source Typosquatting

The Hacker News 1 year, 2 months ago

Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems

Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems

More from The Hacker News 5 Mar 2025, 8:07 p.m. Apple Finance Github Impersonation Linux Malware Research Threat Actor Typosquatting Widely Used macOS

The Hacker News 1 year, 5 months ago

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry

More from The Hacker News 20 Dec 2024, 2:56 a.m. Impersonation Node.js Threat Actor Tools Trojan Typosquatting

Bank Info Security 1 year, 6 months ago

Malicious Python Package Exfiltrates AWS Credentials

Developers' Credentials Stolen via Typosquatted ‘Fabric’ LibraryA malicious Python package that mimics a popular SSH automation library has been live on PyPi since 2021 and delivers payloads that steal credentials and create backdoors. The package steals AWS access and secret keys, sending them to a remote server operated through a VPN in Paris

More from Bank Info Security 12 Nov 2024, 11:30 a.m. Amazon Web Services Automation Credentials Library Python SSH Theft Typosquatting VPN

The Register 1 year, 6 months ago

Ongoing typosquatting campaign impersonates hundreds of popular npm packages

Puppeteer or Pupeter? One of them will snoop around on your machine and steal your credentials An ongoing typosquatting campaign is targeting developers via hundreds of popular JavaScript libraries, whose weekly downloads number in the tens of millions, to infect systems with info-stealing and snooping malware.…

More from The Register 6 Nov 2024, 5:28 a.m. Credentials JavaScript Malware Node.js Theft Typosquatting

The Hacker News 1 year, 8 months ago

GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code

Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages

More from The Hacker News 7 Sep 2024, 3:03 a.m. Github Google Malicious Code Open Source Threat Actor Typosquatting Vulnerability

Dark Reading 1 year, 8 months ago

Malvertising Campaign Builds a Phish for Lowe's Employees

Retail employees are being duped into divulging their credentials by typosquatting malvertisements.

More from Dark Reading 6 Sep 2024, 8:56 a.m. Credentials Phishing Typosquatting

Info Security Magazine 1 year, 9 months ago

Cyber-criminals Exploited Paris Olympics With Fake Domains

166 Olympics-related domains displayed signs of DNS abuse like keyword stuffing and typosquatting

More from Info Security Magazine 16 Aug 2024, 4:00 a.m. Abuse DNS Fake Typosquatting

The Register 1 year, 10 months ago

Cybercrooks spell trouble with typosquatting domains amid CrowdStrike crisis

Latest trend follows various malware campaigns that began just hours after IT calamity Thousands of typosquatting domains are now registered to exploit the desperation of IT admins still struggling to recover from last week's CrowdStrike outage, researchers say.…

More from The Register 24 Jul 2024, 3:15 a.m. Crowdstrike Exploit Malware Outage Research Typosquatting

Bleeping Computer 1 year, 11 months ago

Malicious VSCode extensions with 229M installs found on Microsoft marketplace

A group of Israeli researchers exploring the limits of VSCode security have managed to "infect" over 100 organizations with a typosquatting Dracula extension that was weaponized with risky code. [...]

More from Bleeping Computer 10 Jun 2024, 2:22 a.m. Israel Marketplace Microsoft Research Typosquatting

The Hacker News 1 year, 11 months ago

Hackers Target Python Developers with Fake "Crytic-Compilers" Package on PyPI

Cybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index (PyPI) repository that's designed to deliver an information stealer called Lumma (aka LummaC2)

More from The Hacker News 6 Jun 2024, 5:49 p.m. Fake Library Python Research Typosquatting

Info Security Magazine 2 years, 1 month ago

New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads

Zscaler also confirmed MadMxShell uses DLL sideloading and DNS tunneling for C2 communication

More from Info Security Magazine 19 Apr 2024, 3:30 a.m. DNS Exploit Google Typosquatting Zscaler

Loading more headlines...