Phylum Statistics Over The Last Year

Phylum analyzes open-source packages as they are published to popular open-source repositories. Today we monitor npm, PyPI, NuGet, Cargo, Go, and RubyGems. In the past year we have analyzed millions of packages and hundreds of millions of files. In doing so we have identified nation-state campaigns and numerous packages stealing developer credentials!

Open-source Packages Scanned

Open-source Files Analyzed

Packages With Malware-Like Behavior

Quarterly Research Reports

Phylum publishes quarterly reports on interesting trends and threats across the software supply chain landscape.

Get Started with Phylum

Start automating software supply chain security to contextualize risks, block attacks, and use only open-source software that you trust.

Become a Partner

Our partnerships are designed to strengthen software supply chain security defenses through correlated, contextual risk analysis combined with the tools our users trust.

Subscribe to Our Research

Stay up-to-date on sophisticated software supply chain attacks that Phylum has uncovered.