NPM Malware Targeting HubSpot’s Bucky Client
Our risk analysis platform recently alerted us to a malicious package...
Malware | Feb 28, 2023
A PyPI typosquatting campaign post-mortem
Phylum performs a thorough breakdown of a typosquat campaign on PyPI that we identified earlier this month.
The Phylum Research Team
Phylum's Monthly Malware Report: June 2022 - Don't Believe the Type
Check out the results from Phylum's monthly analysis of packages from...
Peter Morgan, President
Hidden Dependencies Lurking in the Software Dependency Network
Part 1 in a blog series that will explore the software dependency...
Chris Tokita, Data Scientist
Phylum's Monthly Malware Report: May 2022 - Precarious Payloads
To combat software supply chain attacks Phylum has been purpose-built...
Louis Lang, CTO
Phylum’s Monthly Malware Report: April 2022 - Malware Magnified
In 30 days Phylum has processed a total of 647,928 packages across...
Louis Lang, CTO
Phylum’s Monthly Malware Report: March 2022 – Unknown Unknowns
Phylum was purpose built to analyze the risk of all package releases...
Louis Lang, CTO
Recent NPM Malware
NPM, JavaScript’s most popular package manager has seen a rash of...
Peter Morgan, President
Vulnerability Reporting Has Fallen Behind
With the explosion of new software over the past decade,...
