W4SP Stealer Update—They’re Still At It
In case the threat actors haven’t figured it out yet, Phylum has a...
Malware | Mar 22, 2023
Malicious Actors Use Unicode Support in Python to Evade Detection
Phylum uncovers a threat actor taking advantage of how the Python interpreter handles Unicode to obfuscate their malware.
The Phylum Research Team
Into The W4SPs Nest
Monitoring the communications of software supply chain malware...
Louis Lang, CTO
Phylum Detects Ongoing Typosquat/Ransomware Campaign in PyPI and NPM
Malicious packages that download ransomware binaries written in...
Louis Lang, CTO
Report: 2022 Evolution of Software Supply Chain Security
Find out what the Phylum team learned in 2022 and is looking forward...
The Phylum Research Team
Disrupting a PyPI Software Supply Chain Threat Actor
Phylum disrupts software supply chain attacker attempting to...
Louis Lang, CTO
W4SP Stealer Update—Attacker now Attempting to Masquerade as Popular Orgs
Phylum's team has discovered more PyPI packages attempting to deliver...
The Phylum Research Team
Malicious Python Packages Replace Crypto Addresses in Developer Clipboards
Phylum uncovers a new campaign targeting Python developers. Malware...
Louis Lang, CTO
Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
Last week, our automated risk detection platform alerted us to...
The Phylum Research Team
Phylum Detects Active Typosquatting Campaign Targeting NPM Developers
Phylum detects a large scale typosquat campaign targeting the NPM...
Louis Lang, CTO
The Dependency Network Shows the Complexity of the Software Ecosystem
Part 2 in a blog series that will explore the software dependency...
