| | 70% of new NPM packages in last 6 months were spam (phylum.io) |
|
225 points by louislang 37 days ago | past | 111 comments
|
| | Malicious Go Binary Delivered via Steganography in PyPI (phylum.io) |
|
3 points by awaythrow999 3 months ago | past
|
| | Malicious Go Binary Delivered via Steganography in PyPI (phylum.io) |
|
4 points by campuscodi 4 months ago | past
|
| | Malicious Python Code Gains Execution (phylum.io) |
|
6 points by louislang 4 months ago | past
|
| | Spam: Unintended Consequences of Open Source Sustainability Platforms (phylum.io) |
|
3 points by louislang 5 months ago | past
|
| | Typosquatting Campaign Targets Python Developers (phylum.io) |
|
1 point by sigtstp 5 months ago | past | 1 comment
|
| | PyPI Suspends New User and Project Creation in Wake of Malware Campaign (phylum.io) |
|
16 points by louislang 5 months ago | past | 7 comments
|
| | Fake Developer Jobs Laced with Malware (phylum.io) |
|
5 points by pcloadletter_ 6 months ago | past | 1 comment
|
| | Crypto-Themed NPM Packages Found Delivering Stealthy Malware (phylum.io) |
|
15 points by arsabulhaiue 9 months ago | past | 2 comments
|
| | Malicious Nuget Packages Found Delivering SeroXen Malware (phylum.io) |
|
2 points by louislang 11 months ago | past
|
| | Cryptocurrency Miner Masquerading as GCC Compiler Found in NPM Package (phylum.io) |
|
18 points by freedude on Aug 31, 2023 | past | 4 comments
|
| | Rust Malware Staged on Crates.io (phylum.io) |
|
93 points by inferiorhuman on Aug 25, 2023 | past | 58 comments
|
| | Rust Malware Staged on Crates.io (phylum.io) |
|
5 points by 1MachineElf on Aug 25, 2023 | past
|
| | Highly-Targeted Attacks Continue to Plague NPM (phylum.io) |
|
4 points by louislang on Aug 14, 2023 | past
|
| | Sophisticated, Highly-Targeted Attacks Continue to Plague NPM (phylum.io) |
|
5 points by mcgin on Aug 12, 2023 | past
|
| | June’s Sophisticated NPM Attack Attributed to North Korea (phylum.io) |
|
2 points by thunderbong on July 26, 2023 | past
|
| | Mischievous NPM Publications (phylum.io) |
|
78 points by jwalton on May 5, 2023 | past | 25 comments
|
| | Malicious Actors Use Unicode Support in Python to Evade Detection (phylum.io) |
|
3 points by rrampage on April 7, 2023 | past | 1 comment
|
| | Malicious Actors Use Unicode Support in Python to Evade Detection (phylum.io) |
|
2 points by rbanffy on April 5, 2023 | past
|
| | Malicious Actors Use Unicode Support in Python to Evade Detection (phylum.io) |
|
3 points by todsacerdoti on March 29, 2023 | past
|
| | A PyPI typosquatting campaign post-mortem (phylum.io) |
|
3 points by louislang on Feb 28, 2023 | past
|
| | Aggressive Attack on PyPI Attempting to Deliver Rust Executable (phylum.io) |
|
148 points by iamspoilt on Feb 24, 2023 | past | 102 comments
|
| | A Deep Dive into PoweRAT: A Newly Discovered Stealer/Rat Combo Polluting PyPI (phylum.io) |
|
1 point by peteatphylum on Jan 5, 2023 | past
|
| | Ransomware Python Packages Currently Being Published to PyPI (phylum.io) |
|
7 points by louislang on Dec 9, 2022 | past | 3 comments
|
| | Disrupting a PyPI Software Supply Chain Threat Actor (phylum.io) |
|
5 points by louislang on Nov 23, 2022 | past
|
| | W4SP Stealer PyPI Injections – Attacker Now Masquerades as Popular Orgs (phylum.io) |
|
2 points by aflukasz on Nov 22, 2022 | past
|
| | Malicious Python packages replace crypto addresses in developer clipboards (phylum.io) |
|
92 points by sbf501 on Nov 7, 2022 | past | 46 comments
|
| | Dozens of malicious PyPI packages discovered targeting developers (phylum.io) |
|
754 points by louislang on Nov 2, 2022 | past | 320 comments
|
| | Active Typosquatting Campaign Against NPM (phylum.io) |
|
4 points by louislang on Oct 2, 2022 | past
|
| | The Dependency Network Shows the Complexity of the Software Ecosystem (phylum.io) |
|
1 point by louislang on Sept 29, 2022 | past
|
|
|
More |