A recent study reveals that over 90% of parked domains now redirect visitors to malicious content, a sharp increase from less than 5% a decade ago. Users who mistakenly visit these sites are often targeted with scams or malware, especially if using residential IP addresses. The report highlights the risks of typosquatting and the complex web of redirects that lead to harmful sites.

This article details how ten malicious npm packages use typosquatting techniques to execute credential harvesting malware on developers' systems. It describes the multi-stage process, including automatic execution, IP tracking, and extensive data extraction methods targeting various operating systems.