Phylum Research Team

Hackers, Data Scientists, and Engineers responsible for the identification and takedown of software supply chain attackers.

A Note About Polyfill

Discover the power of polyfills. Learn how these essential tools bridge the gap between modern JavaScript features and older browsers. See Phylum Research.

npm Package Caught Stealing Crypto Browser Extension Data

Uncover the hidden dangers of npm packages. Phylum Research reveals a malicious package known as "react-zutils" designed to steal cryptocurrency data.

Sophisticated RAT Targeting Gulp Projects on npm

This Phylum research exposes a malicious package containing a Remote Access Trojan (RAT) targeting developers using Gulp. Learn more.

Malicious Go Binary Delivered via Steganography in PyPI

Open-source Ecosystem Malware Alert: Phylum Research exposes a novel steganography attack to deliver a malicious Go binary within a PyPI package.

Nation-State Threat Actors Renew Publications to npm

North Korean threat actors return to npm with a new attack. Phylum detects malicious packages targeting macOS and Windows. Protect your software supply chain.