Phylum Research | Software Supply Chain Security (Page 2)

Q2 2024 Evolution of Software Supply Chain Security Report

Research

In Q2 2024, verified malicious package publications were up with increased obfuscation. Attack sophistication has continued to evolve. See the Phylum Research Team's Quarterly Report.

Phylum Research Team Jul 31, 2024 7 min read

Subscribe to our research

Keep up with the latest software supply chain attacks

Fake AWS Packages Ship Command and Control Malware In JPEG Files

Beware of malicious JPEG files. Fake AWS packages sneak command-and-control malware into systems, leaving developers vulnerable to attack for more extended periods. See Phylum Research....

Phylum Research Team Jul 14, 2024 5 min read

New Tactics from a Familiar Threat

North Korean hackers are using a new tactic to target software developers. They create fake copies of legitimate packages to steal cryptocurrency and other sensitive data. See Phylum Research......

Phylum Research Team Jul 8, 2024 9 min read

Persistent npm Campaign Shipping Trojanized jQuery

Protect your JavaScript projects. Learn about a persistent campaign targeting npm with trojanized jQuery packages designed to steal form data. See Phylum Research....

Phylum Research Team Jul 3, 2024 8 min read

A Note About Polyfill

Discover the power of polyfills. Learn how these essential tools bridge the gap between modern JavaScript features and older browsers. See Phylum Research....

Phylum Research Team Jun 27, 2024 32 min read