Software developers using GitLab CI are being targeted with malware through a typosquatting attack, putting downstream users at risk.