all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Q1 2024 Evolution of Software Supply Chain Security Report

Add to bookmarks
April 15, 2024, 5:12 p.m. | Phylum Research Team

Phylum blog.phylum.io

Open source makes up a considerable part of modern-day software projects. CVEs abound for open-source libraries and software packages; however, according to Kenna Security, only 2-5% of these CVEs are ever exploited in the wild. By contrast, 82% of the malicious packages identified by Phylum never receive a CVE or

cve cves exploited in the wild libraries malicious malicious packages open source packages phylum projects report research security security report software software supply chain software supply chain security supply supply chain supply chain security

Visit resource

More from blog.phylum.io / Phylum

Devious Python Build Requirements 19 hours ago | blog.phylum.io
arbitrary code attackers build code +5
Python Package Installation Attacks 5 days, 22 hours ago | blog.phylum.io
attackers attacks back code +14
Python Trojan Functions and Imports 5 days, 22 hours ago | blog.phylum.io
calling code concept functions +10
Python Package Spoofing 5 days, 22 hours ago | blog.phylum.io
authors code developers foundation +18
Series: How Malicious Python Code Gains Execution 5 days, 22 hours ago | blog.phylum.io
attackers code dependencies developer +21
Nation-State Threat Actors Renew Publications to npm 6 days, 15 hours ago | blog.phylum.io
apts attack back blog +18
Enterprise Strategy Group Report: The Growing Complexity of Securing the Software Supply Chain 1 week, 6 days ago | blog.phylum.io
america called complexity developer +21
Q1 2024 Evolution of Software Supply Chain Security Report 2 weeks ago | blog.phylum.io
cve cves exploited in the wild +17
Rust crate shipping xz backdoor 2 weeks, 5 days ago | blog.phylum.io
attack backdoor compression engineer +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Threat Analysis Engineer

@ Gen | IND - Tamil Nadu, Chennai
View on infosec-jobs.com

Head of Security

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com

IT Security Vulnerability Management Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Security Engineer - Netskope/Proofpoint

@ Sainsbury's | Coventry, West Midlands, United Kingdom
View on infosec-jobs.com

Journeyman Cybersecurity Analyst

@ ISYS Technologies | Kirtland AFB, NM, United States
View on infosec-jobs.com
View more jobs