Into The W4SPs Nest
Monitoring the communications of software supply chain malware...
| Jan 29, 2023
Phylum Identifies 137 Malicious npm Packages
137 malicious packages were recently published to npm that exfiltrate host information to a remote endpoint as part of a...
The Phylum Research Team
Phylum Detects Ongoing Typosquat/Ransomware Campaign in PyPI and NPM
Malicious packages that download ransomware binaries written in...
Louis Lang, CTO
Disrupting a PyPI Software Supply Chain Threat Actor
Phylum disrupts software supply chain attacker attempting to...
Louis Lang, CTO
Malicious Python Packages Replace Crypto Addresses in Developer Clipboards
Phylum uncovers a new campaign targeting Python developers. Malware...
Louis Lang, CTO
Phylum Detects Active Typosquatting Campaign Targeting NPM Developers
Phylum detects a large scale typosquat campaign targeting the NPM...
Louis Lang, CTO
Malicious Open-Source Package Authors are Bad, and Should Feel Bad
It is no secret that malware is pervasive. What may come as a...
Louis Lang, CTO
Malware Targeting dYdX Crypto Exchange
Shortly before 12:00 PM UTC on September 23, 2022, our platform...
Louis Lang, CTO
NPM Malware Targeting HubSpot’s Bucky Client
Our risk analysis platform recently alerted us to a malicious package...
Louis Lang, CTO
Phylum's Monthly Malware Report: May 2022 - Precarious Payloads
To combat software supply chain attacks Phylum has been purpose-built...
Louis Lang, CTO
Phylum’s Monthly Malware Report: April 2022 - Malware Magnified
In 30 days Phylum has processed a total of 647,928 packages across...