Phylum Research Team - Phylum Research | Software Supply Chain Security (Page 14)

Phylum detects a series of suspicious publications on NPM…again

Phylum Research

On the morning on December 20th, Phylum’s automated risk detection platform alerted us to a series of suspicious publications on NPM. They are all published by the user yandex.pizda who claims in the description

Phylum Research Team Dec 30, 2022 7 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases

82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools

70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies

60%

of Phylum’s findings are not found by
other software supply chain companies

Phylum Discovers New Stealer Variants in Burgeoning PyPI Supply Chain Attack

Phylum Research

On December 6, 2022 Phylum’s automated risk detection platform started alerting us to a series of dangerous publications on PyPI. As we started digging into it, we discovered what appears to be the start of

Phylum Research Team Dec 19, 2022 5 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases

82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools

70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies

60%

of Phylum’s findings are not found by
other software supply chain companies

W4SP Stealer Update—They’re Still At It

Phylum Research

This one will be short and sweet! Since our last W4SP Stealer update, we’ve seen at least an additional 47 packages containing W4SP Stealer published on PyPI by these threat actors. And again, they are

Phylum Research Team Dec 15, 2022 1 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases

82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools

70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies

60%

of Phylum’s findings are not found by
other software supply chain companies

Into The W4SPs Nest

Phylum Research

Overview Phylum has been busy in 2022, disrupting actors keen on publishing malware into open-source ecosystems, helping to identify and remove malicious software packages, and poking fun at the attackers to their faces. We released our

Phylum Research Team Dec 13, 2022 7 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases

82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools

70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies

60%

of Phylum’s findings are not found by
other software supply chain companies

Phylum Adds Rust and Go to Its Supported Languages

Phylum Insights and Resources

With these additions, we continue our commitment to providing the broadest software supply chain coverage in the market. According to a Developer Nation report, the use of Rust tripled in size from just 0.6M developers

Phylum Research Team Dec 10, 2022 2 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases

82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools

70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies

60%

of Phylum’s findings are not found by
other software supply chain companies