A Deep Dive Into poweRAT: a Newly Discovered Stealer/RAT Combo Polluting PyPI
Phylum uncovers new PyPI malware distributing remote access tools.
Malware | Mar 22, 2023
Malicious Actors Use Unicode Support in Python to Evade Detection
Phylum uncovers a threat actor taking advantage of how the Python interpreter handles Unicode to obfuscate their malware.
The Phylum Research Team
Into The W4SPs Nest
Monitoring the communications of software supply chain malware...
Louis Lang, CTO
Report: 2022 Evolution of Software Supply Chain Security
Find out what the Phylum team learned in 2022 and is looking forward...
The Phylum Research Team
Disrupting a PyPI Software Supply Chain Threat Actor
Phylum disrupts software supply chain attacker attempting to...
Louis Lang, CTO
W4SP Stealer Update—Attacker now Attempting to Masquerade as Popular Orgs
Phylum's team has discovered more PyPI packages attempting to deliver...
The Phylum Research Team
Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
Last week, our automated risk detection platform alerted us to...
The Phylum Research Team
Phylum Detects Active Typosquatting Campaign Targeting NPM Developers
Phylum detects a large scale typosquat campaign targeting the NPM...
Louis Lang, CTO
The Dependency Network Shows the Complexity of the Software Ecosystem
Part 2 in a blog series that will explore the software dependency...
Chris Tokita, Data Scientist
Malicious Open-Source Package Authors are Bad, and Should Feel Bad
It is no secret that malware is pervasive. What may come as a...
Louis Lang, CTO
Malware Targeting dYdX Crypto Exchange
Shortly before 12:00 PM UTC on September 23, 2022, our platform...