all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Nascent Malware Campaign Targets npm, PyPI, and RubyGems Developers

Add to bookmarks
Sept. 4, 2023, 7:50 a.m. | Phylum Research Team

Phylum blog.phylum.io

⚠️September 5, 2023: This appears to be an ongoing campaign with additional packages published. The package timeline table has been updated to reflect this.

Phylum has been extremely busy in the past few weeks, reporting on multiple malware campaigns, including malicious updates to npm packages, malware masquerading as

campaign campaigns developers malicious malware malware campaign npm package packages phylum pypi reporting research rubygems september timeline updates

Visit resource

More from blog.phylum.io / Phylum

Devious Python Build Requirements 3 days, 5 hours ago | blog.phylum.io
arbitrary code attackers build code +5
Python Package Installation Attacks 1 week, 1 day ago | blog.phylum.io
attackers attacks back code +14
Python Trojan Functions and Imports 1 week, 1 day ago | blog.phylum.io
calling code concept functions +10
Python Package Spoofing 1 week, 1 day ago | blog.phylum.io
authors code developers foundation +18
Series: How Malicious Python Code Gains Execution 1 week, 1 day ago | blog.phylum.io
attackers code dependencies developer +21
Nation-State Threat Actors Renew Publications to npm 1 week, 2 days ago | blog.phylum.io
apts attack back blog +18
Enterprise Strategy Group Report: The Growing Complexity of Securing the Software Supply Chain 2 weeks, 2 days ago | blog.phylum.io
america called complexity developer +21
Q1 2024 Evolution of Software Supply Chain Security Report 2 weeks, 3 days ago | blog.phylum.io
cve cves exploited in the wild +17
Rust crate shipping xz backdoor 3 weeks ago | blog.phylum.io
attack backdoor compression engineer +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Information Security Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

Principal Security Researcher (Advanced Threat Prevention)

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

EWT Infosec | IAM Technical Security Consultant - Manager

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Security Engineering Operations Manager

@ Gusto | San Francisco, CA; Denver, CO; Remote
View on infosec-jobs.com

Network Threat Detection Engineer

@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC
View on infosec-jobs.com
View more jobs