Meet momnet, an npm package that was identified to target the popular moment package users, using Typosquatting.

Do you know that annoying feeling when you type a URL and then suddenly you land up on another website because you misspelled it? Now imagine downloading an open source library, executing it and then finding out it’s a malware… Ouch. Welcome to Typosquatting.

For more details see:
Wait A Momnet… / Typosquating Momnet Attack