Typosquatting Campaign Delivers R77 Rootkit Through Malicious JavaScript Package
The typosquatting attack involved a malicious package called node-hide-console-windows that downloaded a Discord bot, which then planted an open-source rootkit called r77.