Welcome to our blog

Get the latest insights from our team & community.

  • Technical

Spark and Rust - How to Build Fast, Distributed and Flexible Analytics Pipelines with Side Effects

Apache Spark is a powerful piece of software that has enabled Phylum to build and run complex analytics and models over a big data lake comprised of data from popular programming language ecosystems.

Andrea Venuta, Senior Software Engineer
Andrea Venuta, Senior Software Engineer - October 7, 2021

Stay in the know.

Get the latest cybersecurity news, product updates, and resources by email.

Software Supply Chain Security (15)
Technical (8)
Product Release (1)
The Anatomy of a Malicious Package
  • Technical

The Anatomy of a Malicious Package

What does a malicious package actually look like in practice? We'll walk through some hypothetical exercises to see how malware generally works, and what sort of functions we might expect, from...

Aaron Bray, CEO
Aaron Bray, CEO - August 21, 2020
  • Software Supply Chain Security

The State of the NPM Ecosystem

What does the upstream for major packages really look like? Over the past few years, the shape of the open source ecosystem landscape has shifted drastically, exploding both in the volume of...

Aaron Bray, CEO
Aaron Bray, CEO - August 10, 2020
Supply Chain Security
  • Software Supply Chain Security

Typosquatting and Other Attacks Against Open Source Dependencies

In November of 2018 a malicious Javascript package was identified and subsequently removed from the NPM ecosystem. A nefarious modification was introduced into this package, flatmap-stream, which was...

Louis Lang, CTO
Louis Lang, CTO - July 27, 2020
1 2 3