Typosquatting is when a package with a similar name to that of a popular package is uploaded to a package manager, possibly with malicious intent.
I worked with professors L. De Carli and D. Davidson on testing SpellBound, a typosquatting detection tool. I built tools using web scraping and sequence matchers to efficiently analyze 201 pairs of similarly named npm packages to determine if any were malicious.