Name of the Vulnerable Software and Affected Versions requeest versions (affected versions not specified)

Description The issue concerns a typosquatted package named requeest that mimics a popular package of a similar name. Upon installation, it tracks and uploads user information to a remote server, including the downloaded package name, intended package name, Node version, and whether the process is running as sudo. There is no further compromise beyond this information upload.

Recommendations Remove the requeest package from your dependencies and ensure that package names are typed correctly during installation to prevent similar issues.