Phylum Research

A Note About Polyfill

Phylum Research

Discover the power of polyfills. Learn how these essential tools bridge the gap between modern JavaScript features and older browsers. See Phylum Research.

Phylum Research Team Jun 27, 2024 32 min read

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

SCA or public databases

82%

of Phylum’s findings are not found by
SCA or reported to public databases

Other curation tools

70%

of Phylum’s findings are not found by
other curation tools

Other software supply chain companies

60%

of Phylum’s findings are not found by
other software supply chain companies

npm Package Caught Stealing Crypto Browser Extension Data

Uncover the hidden dangers of npm packages. Phylum Research reveals a malicious package known as "react-zutils" designed to steal cryptocurrency data....

Phylum Research Team Jun 5, 2024 8 min read

Sophisticated RAT Targeting Gulp Projects on npm

This Phylum research exposes a malicious package containing a Remote Access Trojan (RAT) targeting developers using Gulp. Learn more....

Phylum Research Team May 31, 2024 9 min read

Malicious Go Binary Delivered via Steganography in PyPI

Open-source Ecosystem Malware Alert: Phylum Research exposes a novel steganography attack to deliver a malicious Go binary within a PyPI package....

Phylum Research Team May 10, 2024 5 min read

Nation-State Threat Actors Renew Publications to npm

North Korean threat actors return to npm with a new attack. Phylum detects malicious packages targeting macOS and Windows. Protect your software supply chain....

Phylum Research Team Apr 24, 2024 6 min read

Phylum Research

Phylum Blocks Software Supply Chain Security Attacks

Phylum identifies malicious or risky open-source packages before they enter the software supply chain.

Subscribe to our research