Into The W4SPs Nest

Overview

Phylum has been busy in 2022, disrupting actors keen on publishing malware into open-source ecosystems, helping to identify and remove malicious software packages, and poking fun at the attackers to their faces. We released our


Pick a Python Lockfile and Improve Security

Python dependency management is a nightmare because there are so many ways to do it (ironically un-Pythonic), and that can lead to dependency confusion, mismanaged dependencies, stale dependencies, etc. Phylum can read lockfiles from many different sources to make sure you're safe....