Phylum Insights and Resources

2025 Software Supply Chain Security Trends & Predictions: AI, Shadow Application Development and Nation State Attacks

In 2025, prepare for increased software supply chain attacks initiated from the open-source ecosystem, more attack types, and expanded attack vectors.

Aaron Bray Nov 20, 2024 6 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases

82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools

70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies

60%

of Phylum’s findings are not found by
other software supply chain companies

Q3 2024 Evolution of Software Supply Chain Security Report

Software supply chain security faces sophisticated security threats in the open-source ecosystem. Phylum analyzed millions of packages & files. Read more....

Phylum Research Team Oct 31, 2024 7 min read

Phylum For Artifact Repositories and Package Managers

Vet open-source software packages and block attacks before entering an organization or developer workstation....

Mikala Vidal Sep 24, 2024 3 min read

How to Mature Your Software Consumption and Modernize Your Software Supply Chain Security

Protect your appsec. Malicious packages pose a greater risk to the software supply chain than vulnerabilities. See Phylum Research....

Aaron Bray Aug 26, 2024 6 min read

Compiled Python Files

Learn how compiled Python modules can be included in packages to obfuscate intent and deliver a malicious payload....

Charles Coggins May 16, 2024 6 min read

Phylum Insights and Resources

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

Subscribe to our insights