A Proprietary Database of Malicious Open-Source Packages

The Phylum Threat Feed

An API of real-time software supply chain attacks

The Phylum Threat Feed is a curated view of software supply chain attacks and malicious packages that have been published to open source ecosystems such as npm, PyPI and RubyGems. The feed pulls data from Phylum's proprietary database and shows timely, high-signal threat data that informs organizations of software supply chain attacks as well as leading indicators of potential future threats. This high-fidelity data is actionable on its own and can be consumed by any security analytics or observability product to enrich other findings.

Subscribe Now
$830/month, billed annually

Risks reported by the Phylum Threat Feed

Malware

Credential stealers

Typosquatting

Backdoors

Nation-state attacks

Features

Be the First to Know

Phylum was the first to discover nation-state actors attacking the software supply chain. This attack was surfaced on our threat feed days before it became public knowledge. Get automated, actionable threat data shortly after the packages are published.

Enrich Other Findings

Ingest the threat feed into any security analytics or observability tool

Act On Data Quickly

See high-fidelity threat data with minimal false positives

Threat Feed Taxonomy

The threat feed is a JSON API. It provides you with the package name, version, ecosystem, hashes and other indicators of compromise (IOCs). This data can be queried and fed into other security products or data analysis tooling.
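One way to consume such a feed, as an added example that is not Phylum's code and does not use the real API: cross-reference feed records against a project's own lock files. The record field names used here (`ecosystem`, `name`, `version`, `sha256`, `tags`) are an assumed schema chosen to cover the fields the page lists, not the feed's documented keys, and the feed records, `package-lock.json` and `requirements.txt` are constructed sample inputs. The example normalises package names per ecosystem before comparing (PyPI names compare case-insensitively with `-`, `_` and `.` folded together; npm names are lower-cased), and reports a name-only match at a lower severity than an exact version match, since a flagged name often means the package itself is attacker-controlled rather than one version of it.

```python
"""Match threat-feed records against installed dependencies (added example).

Not Phylum's code. Feed schema is ASSUMED; all sample data is constructed.
"""
import json
import re

# Constructed feed records using an assumed schema.
SAMPLE_FEED = [
    {"ecosystem": "npm", "name": "lodahs", "version": "4.17.22",
     "sha256": "11" * 32, "tags": ["typosquatting", "credential-stealer"]},
    {"ecosystem": "pypi", "name": "Requests-Utils", "version": "0.2.1",
     "sha256": "22" * 32, "tags": ["backdoor"]},
    {"ecosystem": "npm", "name": "@acme/internal-config", "version": "9.9.9",
     "sha256": "33" * 32, "tags": ["malware"]},
]

# Constructed package-lock.json in the lockfileVersion 2/3 "packages" layout.
SAMPLE_PACKAGE_LOCK = {
    "name": "demo", "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo", "version": "1.0.0"},
        "node_modules/lodahs": {"version": "4.17.22"},
        "node_modules/express": {"version": "4.19.2"},
        "node_modules/express/node_modules/@acme/internal-config": {"version": "1.2.0"},
    },
}

# Constructed requirements.txt with pinned versions.
SAMPLE_REQUIREMENTS = """\
# pinned deps
requests==2.32.3
requests_utils==0.2.1
"""


def normalize_name(ecosystem, name):
    """Canonicalise a name so feed and lockfile spellings compare equal.
    PyPI follows PEP 503 (case-fold, runs of -_. become one '-');
    npm names are lower-cased. Other ecosystems are left as-is."""
    if ecosystem == "pypi":
        return re.sub(r"[-_.]+", "-", name).lower()
    if ecosystem == "npm":
        return name.lower()
    return name


def index_feed(records):
    """Index feed records by (ecosystem, normalised name) for O(1) lookup."""
    idx = {}
    for r in records:
        key = (r["ecosystem"], normalize_name(r["ecosystem"], r["name"]))
        idx.setdefault(key, []).append(r)
    return idx


def deps_from_package_lock(lock):
    """Return (ecosystem, name, version) tuples from the 'packages' map.
    Nested paths like node_modules/a/node_modules/@s/b resolve to '@s/b'."""
    out = []
    for path, meta in lock.get("packages", {}).items():
        if not path:
            continue  # "" is the root project entry, not a dependency
        name = path.split("node_modules/")[-1]
        out.append(("npm", name, meta.get("version", "")))
    return out


def deps_from_requirements(text):
    """Return (ecosystem, name, version) for '==' pins; skip comments/ranges."""
    out = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.match(r"^([A-Za-z0-9][A-Za-z0-9._-]*)==([^\s;]+)", line)
        if m:
            out.append(("pypi", m.group(1), m.group(2)))
    return out


def match_dependencies(feed_index, deps):
    """Join dependencies against the feed. 'exact' = flagged version installed;
    'name-only' = flagged package name present at another version."""
    hits = []
    for eco, name, version in deps:
        for rec in feed_index.get((eco, normalize_name(eco, name)), []):
            hits.append({
                "ecosystem": eco, "name": name, "installed": version,
                "flagged_version": rec["version"], "sha256": rec.get("sha256"),
                "tags": rec.get("tags", []),
                "severity": "exact" if rec["version"] == version else "name-only",
            })
    return hits


def scan(feed=SAMPLE_FEED, lock=SAMPLE_PACKAGE_LOCK, requirements=SAMPLE_REQUIREMENTS):
    """Run the full cross-reference over both lock files and return the hits."""
    idx = index_feed(feed)
    deps = deps_from_package_lock(lock) + deps_from_requirements(requirements)
    return match_dependencies(idx, deps)


if __name__ == "__main__":
    for hit in scan():
        print(json.dumps(hit))  # one JSON line per hit, ready for a SIEM
```

On the constructed inputs this reports three hits: `lodahs` (exact), `@acme/internal-config` (name-only, installed 1.2.0 versus flagged 9.9.9) and `requests_utils` (exact, matched through PEP 503 normalisation). Emitting one JSON object per line is deliberate: it is the shape most log pipelines and observability tools ingest without a custom parser.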

Want to dive deeper into the threat feed? Learn more in the Phylum docs.

Monitoring All Of Open Source
Phylum automatically monitors seven open source ecosystems: npm, PyPI, RubyGems, Crates.io, NuGet, Maven Central, and Golang. Identified malware appears directly in the threat feed.

Phylum App for Sumo Logic

See Phylum’s automated software supply chain attack threat data in Sumo Logic

The Phylum Threat Feed provides a curated view of malicious packages that are published into the open-source ecosystem. The feed shows timely, high-signal threat data that informs organizations of software supply chain attacks that have already been carried out, as well as indicators of potential future threats.

Learn More
Phylum Research
Follow our research blog to stay up to date on our latest reports and findings.
See Phylum Research
Rust Malware Staged on Crates.io
Phylum successfully identified and stopped the publication of malicious packages to the Rust ecosystem, Crates.io.
Sophisticated, Highly-Targeted Attacks Continue to Plague npm
Packages found communicating with C2 servers waiting for commands from attackers.
Targeted npm Malware steals company source code
Packages uncovered exfiltrating source code to an attacker controlled FTP server...