Phylum ⦾ The Software Supply Chain Security Company
Phylum scans packages in open-source repositories, identifying threats, risks and supply chain attacks. We build tools to help developers and the organizations they work for block attacks, malware, and vulnerabilities from entering their software development lifecycle.
😄 Sign-up for a free Phylum account and start identifying and blocking risks in your software projects.
🔧 Open-Source Projects
Phylum CLI
The Phylum CLI provides direct access to the Phylum platform. Create and submit project lockfiles/manifest files (e.g., package-lock.json, requirements.txt, etc.)
Birdcage (Cross-platform Execution Sandbox)
A cross-platform sandbox used in the Phylum CLI to provide a locked down environment for package installation.
🌐 Find Us Online
🧟♂️ 2023: Softare Supply Chain Attack Reporting
We have successfully identified numerous supply chain attacks. So far in 2023 we've reported on:
- SeroXen RAT in Typosquatted NuGet Package
- Cloud Provider Credentials Targeted in New PyPI Malware Campaign
- Sensitive Data Exfiltration Campaign Targets npm and PyPI
- Large Typosquat Campaign Targeting React and Angular
- Nascent Malware Campaign Targets npm, PyPI, and RubyGems Developers
- Dormant npm Package Update Targets Ethereum Private Keys
- Cryptocurrency Miner Masquerading as GCC Compiler Found in NPM Package
- NPM Package Masquerading as Email Validator Contains C2 and Sophisticated Data Exfiltration
- Rust Malware Staged on Crates.io
- Sophisticated, Highly-Targeted Attacks Continue to Plague npm
- Typosquat of popular Ethereum package on npm sends private keys to remote server
- Targeted npm Malware Attempts to Steal Company Source Code and Secrets
- June’s Sophisticated npm Attack Attributed to North Korea
- Phylum Discovers Sophisticated Ongoing Attack on NPM
- Respawning Malware Persists on PyPI
- Phylum Detects Suspicious Publications Surrounding Popular Python Package Flask
- Phylum Discovers Mischievous NPM Publications
- Attackers Repurposing existing Python-based Malware for Distribution on NPM
- Phylum Discovers NPM Package mathjs-min Contains Credential Stealer
- Malicious Actors Use Unicode Support in Python to Evade Detection
- Phylum Discovers Aggressive Attack on PyPI Attempting to Deliver Rust Executable
- Phylum Discovers Go-Based RAT “Spark” Being Distributed on PyPI
- Phylum Discovers Revived Crypto Wallet Address Replacement Attack
- Phylum Identifies 137 Malicious npm Packages
- A Deep Dive Into poweRAT: a Newly Discovered Stealer/RAT Combo Polluting PyPI