Phylum Insights and Resources

Python Executable Hooks

Python customization modules in user or global site-packages directories can carry malicious code that runs every time the Python interpreter does.

Charles Coggins May 13, 2024 4 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases

82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools

70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies

60%

of Phylum’s findings are not found by
other software supply chain companies

Adding Spurious Wheels to PyPI

Learn how easy it is for threat actors to hide their malware in Python wheel artifacts hosted on the PyPI registry....

Charles Coggins May 10, 2024 4 min read

Modern Python Build Hooks

Arbitrary code execution is possible with build hooks offered by modern Python package installers when building modern PEP-518 pyproject.toml projects....

Charles Coggins May 6, 2024 14 min read

Devious Python Build Requirements

Build requirements in Python source distributions allow attackers to execute arbitrary code in an isolated build environment that is automatically deleted after use....

Charles Coggins Apr 29, 2024 11 min read

Python Package Installation Attacks

Arbitrary code execution is possible and even common during package installation. Learn how attackers use this to their advantage....

Charles Coggins Apr 24, 2024 5 min read

Phylum Insights and Resources

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

Subscribe to our insights