In the dependency confusion attacks, a user can be tricked into installing a malicious dependency/library instead of the one they intended to install.