Research

Sophisticated, Highly-Targeted Attacks Continue to Plague npm

Research

⚠️Update Aug 16, 2023: This appears to be an ongoing campaign. The actor recently published another package hreport-preview with slight modifications. Namely pulling reverse shells from https://img.murphysec-nb[.]love ⚠️Update Aug 17-19, 2023: This actor

Phylum Research Team Aug 12, 2023 10 min read

Subscribe to our research

Keep up with the latest software supply chain attacks

Typosquat of popular Ethereum package on npm sends private keys to remote server

On Aug 3, 2023 Phylum’s automated risk detection platform alerted us to a series of suspicious publications on npm. The attacker eventually published final...

Phylum Research Team Aug 5, 2023 6 min read

Targeted npm Malware Attempts to Steal Company Source Code and Secrets

🚨August 9, 2023 Update: This appears to be a slow, on-going attack. Since our initial report, two more packages have been identified as part of...

Phylum Research Team Aug 3, 2023 9 min read

Q2 2023 Evolution of Software Supply Chain Security Report

Phylum focuses on the identification and mitigation of software supply chain attacks. We monitor each open-source ecosystem, cataloging and analyzing every package published in real-time....

Phylum Research Team Jul 25, 2023 14 min read

June’s Sophisticated npm Attack Attributed to North Korea

In June 2023, Phylum was the first to unearth a series of suspicious npm publications belonging to what appeared to be a highly targeted attack....

Phylum Research Team Jul 22, 2023 5 min read