Disrupting a PyPI Software Supply Chain Threat Actor

Software supply chain attacks in the open-source ecosystem are frequent and pervasive. The cost of publishing a malicious package is low, while the payoff could be high - yielding keys to infrastructure, bank credentials, or cryptocurrency.

Subscribe to our research

Keep up with the latest software supply chain attacks

⏲Please hold while we check our collection.

Something's gone wrong. Please try again.

Success! Check your inbox for our email.