Supply Chain Attack Targeting Telegram Bot Developers Through Typosquatted npm Packages

Summary Socket’s Threat Research Team has uncovered a supply chain attack targeting the Telegram bot development ecosystem through typosquatted npm packages. Masquerading as the legitimate and widely-used node-telegram-bot-api library, these maliciou...