Advertisement
HIGH
Supply Chain
Typosquatting Evolution: How AI Lookalike Domains Target Supply Chains
Attackers are weaponizing AI-generated lookalike domains within third-party scripts, turning typosquatting into a sophisticated supply chain threat for enterprises.
Runtime Rebel Intel
3 min read·May 20, 2026
HIGH
Supply Chain
Malicious StripeApi.Net NuGet Package Targets Financial API Tokens
Researchers identify a typosquatting NuGet package, StripeApi.Net, designed to mimic official Stripe libraries and exfiltrate sensitive financial API keys.
Runtime Rebel Intel
4 min read·Feb 26, 2026
SU
HIGH
Supply Chain
Malicious npm Package Targets React Developers with Backdoored Polyfill
A typosquatted npm package mimicking a popular React utility has been downloaded over 47,000 times before removal. The package contained an obfuscated backdoor capable of exfiltrating environment variables and SSH keys.
Jordan Kim
2 min read·Jan 25, 2024