Research   |   Oct 02, 2022

Phylum Detects Active Typosquatting Campaign Targeting NPM Developers

Phylum detects a large scale typosquat campaign targeting the NPM...

Research   |   Sep 26, 2022

Open-Source Malware Is Bad, and You Should Feel Bad

It is no secret that malware is pervasive. What may come as a...

Research   |   Sep 23, 2022

Malware Targeting dYdX Crypto Exchange

Shortly before 12:00 PM UTC on September 23, 2022, our platform...

Research   |   Sep 15, 2022

NPM Malware Targeting HubSpot’s Bucky Client

Our risk analysis platform recently alerted us to a malicious package...

Research   |   May 19, 2022

Phylum's Monthly Malware Report: May 2022 - Precarious Payloads

To combat software supply chain attacks Phylum has been purpose-built...

Research   |   Apr 19, 2022

Phylum’s Monthly Malware Report: April 2022 - Malware Magnified

In 30 days Phylum has processed a total of 647,928 packages across...

Research   |   Mar 15, 2022

Phylum’s Monthly Malware Report: March 2022 – Unknown Unknowns

Phylum was purpose built to analyze the risk of all package releases...

Attack Types   |   Jul 27, 2020

Typosquatting and Other Attacks Against Open Source Dependencies

In November of 2018, a malicious Javascript package was identified...