New Tactics from a Familiar Threat

For over a year, Phylum has been exposing North Korean threat actors attacking software developers in the open-source supply chain. This blog post highlights evolving tactics from a North Korean campaign that began in September 2023

Subscribe to our research

Keep up with the latest software supply chain attacks

A Note About Polyfill

Background On June 25, 2024, Sansec issued an alert to developers regarding a serious supply-chain security incident. The CDN on the polyfill[.]io domain was...