What are typosquatting attacks and how do they impact open source developers? If you’re a JavaScript developer then you should understand them and be conscious that you aren’t mistakenly installing a package such as electron-native-notify - because hey, that’s a malicious package!