Malicious Open-Source Package Authors are Bad, and Should Feel Bad
It is no secret that malware is pervasive. What may come as a...
Malware | Mar 22, 2023
Malicious Actors Use Unicode Support in Python to Evade Detection
Phylum uncovers a threat actor taking advantage of how the Python interpreter handles Unicode to obfuscate their malware.
The Phylum Research Team
Malware Targeting dYdX Crypto Exchange
Shortly before 12:00 PM UTC on September 23, 2022, our platform...
Louis Lang, CTO
NPM Malware Targeting HubSpot’s Bucky Client
Our risk analysis platform recently alerted us to a malicious package...
Louis Lang, CTO
The Unacknowledged Risk of Authors
One of the largest attack surfaces across the software supply chain...
Aaron Bray, CEO
Phylum's Monthly Malware Report: June 2022 - Don't Believe the Type
Check out the results from Phylum's monthly analysis of packages from...
Peter Morgan, President
Hidden Dependencies Lurking in the Software Dependency Network
Part 1 in a blog series that will explore the software dependency...
Chris Tokita, Data Scientist
Phylum's Monthly Malware Report: May 2022 - Precarious Payloads
To combat software supply chain attacks Phylum has been purpose-built...
Louis Lang, CTO
Phylum’s Monthly Malware Report: April 2022 - Malware Magnified
In 30 days Phylum has processed a total of 647,928 packages across...
Louis Lang, CTO
Phylum’s Monthly Malware Report: March 2022 – Unknown Unknowns
Phylum was purpose built to analyze the risk of all package releases...
Louis Lang, CTO
Using Entropy to Identify Obfuscated Malicious Code
To avoid detection, malicious authors will deliberately obscure the...
