Outer Web | Explore

Explore >> Select a destination

You are here		www.reversinglabs.com A new playground: Malicious campaigns proliferate from VSCode to npm
\|	\|	blog.phylum.io Q2 2024 Evolution of Software Supply Chain Security Report	6.5 parsecs away Travel
\|	\|	Headed to Black Hat USA? Come talk to Phylum! Software supply chains are complicated. In this complicated web of globally distributed software, attackers can lie in wait, releasing malicious software libraries to unsuspecting developers and organizations. It is prohibitively difficult to manually scan and analyze every package a given organization	6.5 parsecs away Travel
\|	\|	blog.phylum.io North Korea Still Attacking Developers via npm \| Phylum	7.6 parsecs away Travel
\|	\|	There's a renewed surge of attacks with obfuscated JavaScript and fake job campaigns to compromise developers and infiltrate companies. See Phylum research.	7.6 parsecs away Travel
\|	\|	blog.phylum.io The xz/liblzma Compromise and Software Supply Chain Security	6.3 parsecs away Travel
\|	\|	At the end of March 2024, a major software supply chain attack was identified: some upstream forks of the popular xz/liblzma library that underpins the massively popular OpenSSH Server was compromised. A rogue contributor appears to have worked to influence the maintainers of the library, adding in seemingly innocuous	6.3 parsecs away Travel
\|	\|	www.reversinglabs.com Backdoor implant discovered on PyPI posing as debugging utility	62.6 parsecs away Travel
\|		RL researchers detected a sophisticated, malicious package believed to be an ongoing campaign that may be linked to a hacktivist gang.	62.6 parsecs away Travel