An Introduction to Open-Source Software Supply Chain Risk

The Phylum Research Team turns four this month, and regular readers of this blog have seen how our team has exposed a wide variety of open-source malware campaigns. We have tracked down authors and their packages across a spectrum of maliciousness — from mischievous developers and petty thieves to a

authors blog campaigns developers down exposed introduction malware open-source malware open-source software packages petty phylum regular research risk software software supply chain software supply chain risk spectrum supply supply chain supply chain risk team thieves