Phylum

Nascent Malware Campaign Targets npm, PyPI, and RubyGems Developers

Research

⚠️September 5, 2023: This appears to be an ongoing campaign with additional packages published. The package timeline table has been updated to reflect this. Phylum has been extremely busy in the past few weeks, reporting on

Phylum Research Team Sep 4, 2023 7 min read

Subscribe to our research

Keep up with the latest software supply chain attacks

Dormant npm Package Update Targets Ethereum Private Keys

On the afternoon of September 1, 2023 Phylum's automated risk detection platform flagged two new publications of the https://app.phylum.io/package/npm/hardhat-gas-report/...

Phylum Research Team Sep 2, 2023 4 min read

Cryptocurrency Miner Masquerading as GCC Compiler Found in NPM Package

The Phylum Research Team has identified several packages shipping cryptominers masquerading as legitimate compilers....

Phylum Research Team Aug 30, 2023 4 min read

NPM Package Masquerading as Email Validator Contains C2 and Sophisticated Data Exfiltration

On the morning of August 24, Phylum's automated risk detection system identified a suspicious package published to npm called “emails-helper." A deeper investigation revealed that...

Phylum Research Team Aug 25, 2023 13 min read

Rust Malware Staged on Crates.io

Phylum routinely identifies malware and other software supply chain attacks targeting high-value, critical assets: an organization’s software developers. Most recently, we’ve reported on...

Phylum Research Team Aug 24, 2023 5 min read