all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

An Introduction to Open-Source Software Supply Chain Risk

Add to bookmarks
March 20, 2024, 10:19 p.m. | Phylum Research Team

Phylum blog.phylum.io

The Phylum Research Team turns four this month, and regular readers of this blog have seen how our team has exposed a wide variety of open-source malware campaigns. We have tracked down authors and their packages across a spectrum of maliciousness — from mischievous developers and petty thieves to a

authors blog campaigns developers down exposed introduction malware open-source malware open-source software packages petty phylum regular research risk software software supply chain software supply chain risk spectrum supply supply chain supply chain risk team thieves

Visit resource

More from blog.phylum.io / Phylum

Devious Python Build Requirements 2 days, 1 hour ago | blog.phylum.io
arbitrary code attackers build code +5
Python Package Installation Attacks 1 week ago | blog.phylum.io
attackers attacks back code +14
Python Trojan Functions and Imports 1 week ago | blog.phylum.io
calling code concept functions +10
Python Package Spoofing 1 week ago | blog.phylum.io
authors code developers foundation +18
Series: How Malicious Python Code Gains Execution 1 week ago | blog.phylum.io
attackers code dependencies developer +21
Nation-State Threat Actors Renew Publications to npm 1 week ago | blog.phylum.io
apts attack back blog +18
Enterprise Strategy Group Report: The Growing Complexity of Securing the Software Supply Chain 2 weeks, 1 day ago | blog.phylum.io
america called complexity developer +21
Q1 2024 Evolution of Software Supply Chain Security Report 2 weeks, 2 days ago | blog.phylum.io
cve cves exploited in the wild +17
Rust crate shipping xz backdoor 2 weeks, 6 days ago | blog.phylum.io
attack backdoor compression engineer +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs