Discord Contact

Phylum Research

The Great npm Garbage Patch

The Great npm Garbage Patch

Phylum Research
Open-source spam is a growing threat. The Tea protocol and npm are taking action, but the problem persists. Our research is dedicated to combating this issue and protecting the integrity of the open-source ecosystem. See Phylum Research.
Phylum Research Team 5 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases
82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools
70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies
60%

of Phylum’s findings are not found by
other software supply chain companies

Subscribe to our research

Keep up with the latest software supply chain attacks

⏲Please hold while we check our collection.

Something's gone wrong. Please try again.

Success! Check your inbox for our email.

New Tactics from a Familiar Threat

New Tactics from a Familiar Threat

North Korean hackers are using a new tactic to target software developers. They create fake copies of legitimate packages to steal cryptocurrency and other sensitive data. See Phylum Research......
Phylum Research Team 9 min read