English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어
Phylum_IO's profile picture. Phylum automates software supply chain security to contextualize risks, block attacks and allow organizations to only use trusted open-source code.

Phylum

@Phylum_IO

Phylum automates software supply chain security to contextualize risks, block attacks and allow organizations to only use trusted open-source code.

401Posts 336Followers 375Following
You might like
Phylum_IO's profile picture.
Phylum
 @Phylum_IO
Jan 6

📢 Breaking news: We’re beyond excited to announce that our malicious package analysis, detection, and mitigation technology has been acquired by @Veracode! Together, we’ll take software supply chain security to the next level. Read more below: veracode.com/press-release/…

Phylum_IO's tweet card. Application Security for the AI Era | Veracode
Veracode Acquires Phylum, Inc. Technology to Transform Software Supply Chain Security | Veracode
Source: veracode.com
0
1
7
0
819
Phylum_IO's profile picture.
Phylum
 @Phylum_IO
Nov 21

Phylum Exclusive Research Report by #CEO, Aaron Bray ⚔️ 2025 Software Supply Chain Security Trends & Predictions: AI, Shadow Application Development and Nation-State Attacks - blog.phylum.io/2025-trends-pr… #phylumresearch #softwaresupplychainsecurity #2025trends #CEOinsights

Phylum_IO's tweet card. In 2025, prepare for increased software supply chain attacks initiated from the open-source ecosystem, more attack types, and expanded attack vectors.
2025 Software Supply Chain Security Trends & Predictions
Source: blog.phylum.io
0
2
6
0
222
Phylum_IO's profile picture.
Phylum
 @Phylum_IO
Nov 7, 2024

"In Q3 2024, Phylum identified 465,897 malicious packages in the software supply chain open source ecosystem." Read the latest Evolution of Software Supply Chain Security Report via the Phylum Research Team - blog.phylum.io/q3-2024-evolut… [7 min read] #DevOps #CISO #opensourceecosystem

0
0
4
1
148
Phylum_IO's profile picture.
Phylum
 @Phylum_IO
Oct 18, 2024

Have you ever had your private #crypto keys stolen? #Malware authors have published forks of the popular Ethers library that exfiltrate private keys & give attackers #SSH access to infected machines. blog.phylum.io/trojanized-eth… #npm #opensource #security #ethereum #cryptocurrency

Phylum_IO's tweet card. Software supply chain attack targets open-source developers in npm via malicious packages that steal Ethereum private keys, gain SSH persistence.
Trojanized Ethers Forks on npm Attempting to Steal Ethereum Private Keys | Phylum
Source: blog.phylum.io
0
4
4
0
195
Phylum_IO's profile picture.
Phylum
 @Phylum_IO
Aug 6, 2024

In the last 6 months, roughly 70% of new #npm packages were #spam. What does this mean for supply chain security? At Black Hat USA? Find us in Startup City booth SC203! #npmjs #node #javascript #typescript #infosec #opensource blog.phylum.io/the-great-npm-…

Phylum_IO's tweet card. Open-source spam is a growing threat. The Tea protocol and npm are taking action, but the problem persists. Our research is dedicated to combating this issue and protecting the integrity of the...
The Great npm Garbage Patch | Phylum
Source: blog.phylum.io
0
3
4
0
392
Phylum_IO's profile picture.
Phylum
 @Phylum_IO
May 31, 2024

Nothing is safe. A few days ago, Phylum's automated platform identified a malicious package targeting users of the #gulp toolkit. The package drops a remote access tool and other nastiness. blog.phylum.io/sophisticated-… #javascript #malware #npm #typescript #opensource #gulpjs

Phylum_IO's tweet card. This Phylum research exposes a malicious package containing a Remote Access Trojan (RAT) targeting developers using Gulp. Learn more.
Sophisticated RAT Targeting Gulp Projects on npm | Phylum
Source: blog.phylum.io
0
2
7
0
167
Phylum_IO's profile picture.
Phylum
 @Phylum_IO
May 13, 2024

We've uncovered a package published to #PyPI that is hiding a C2 in a PNG file. This package ships as an improvement to the "requests" library, but actually ships a malicious Go binary! blog.phylum.io/malicious-go-b… #malware #opensource #supplychainsecurity #python #infosec #pip

Phylum_IO's tweet card. Open-source Ecosystem Malware Alert: Phylum Research exposes a novel steganography attack to deliver a malicious Go binary within a PyPI package.
Malicious Go Binary Delivered via Steganography in PyPI | Phylum
Source: blog.phylum.io
0
3
3
0
342
Phylum_IO's profile picture.
Phylum
 @Phylum_IO
Apr 24, 2024

We've uncovered new #malware packages published to #npm that appear to be an evolution on a previous supply chain attack carried out by nation state backed actors ☠ blog.phylum.io/north-korean-s… #npmjs #javascript #supplychainattack #opensource #infosec

Phylum_IO's tweet card. North Korean threat actors return to npm with a new attack. Phylum detects malicious packages targeting macOS and Windows. Protect your software supply chain.
Nation-State Threat Actors Renew Publications to npm | Phylum
Source: blog.phylum.io
0
3
5
0
229
peternixey's profile picture. Founder of https://t.co/G4ZyLhnjic, developer, writer and (very) occasional Angel. YCs2007. ❤️🏗️

Peter Nixey

@peternixey
CyberSecMonth's profile picture. Did you know October is European Cybersecurity Month? Check out this account for tips & advice on how to stay safe & secure online. Operated by @enisa_eu

Cyber Security Month

@CyberSecMonth
TheCyberSecHub's profile picture. World's Premier Cyber Security Portal™ #cybersecurity #infosec #hacking #tech 📧 info@thecybersecurityhub.com

The Cyber Security Hub™

@TheCyberSecHub
AppSec_Village's profile picture. AppSec Village @DEFCON & @RSAConference A volunteer-run, non-profit focused on education, awareness, and community. Founded by @erezyalon and @tzionit411.

AppSec Village

@AppSec_Village
liran_tal's profile picture. 🧠 MCP 🍩 Socially Engineering LLM 🤖 Hacking AI Agents 🦄 Node.js Secure Coding 🌟 @GitHub Star 🏅 @OpenJS Pathfinder award for Security 🥑 DevRel @snyksec

Liran Tal

@liran_tal
HackingButLegal's profile picture. Formerly @joebiden. I am not a lawyer, and this is not legal advice.

Jackie Singh (Inactive)

@HackingButLegal
0xdabbad00's profile picture. https://t.co/EXe2MI2DLm Cloud security historian. Developed https://t.co/ZXFwkuxUp4, CloudMapper, and Parliament. Organizer for @fwdcloudsec. Researcher at @wiz_io ✦

Scott Piper

@0xdabbad00
TheFinalHop's profile picture. Welcome to The Final Hop - your ultimate source for the latest in #CyberSecurity, technology trends, and digital innovation. #DarkWeb #infosec #TheFinalHop

The Final Hop

@TheFinalHop
HalcyonAi's profile picture. Detect. Disrupt. Defeat #Ransomware.

HalcyonAI

@HalcyonAi
ThePrimeagen's profile picture. skill issues: 🟩⬛️⬛️⬛️⬛️⬛️(69/420) https://t.co/qWJnB6p4EP https://t.co/IwY3FTx1ZE https://t.co/TYJ6aSpwYs

ThePrimeagen

@ThePrimeagen
780thC's profile picture. Official Twitter page of the 780th MI Brigade (Cyber). The Army's only offensive cyberspace operations brigade (following, retweets and links ≠ endorsement).

780th Military Intelligence Brigade (Cyber)

@780thC
AikidoSecurity's profile picture. secure everything you build, host, and run with aikido get devs back to building.

Aikido Security

@AikidoSecurity
farrukhkjadoon's profile picture. building & listening :wq

farrukh

@farrukhkjadoon
securitybrew's profile picture. Mom, Moderate common sense engineer #owasp #lasconatx @GeorgiaTech alum. If you encounter me in online gaming, please pretend you don’t know me.

Kate Brew

@securitybrew
DecryptedTech's profile picture. A Technology Journalist and cybersecurity professional. I have a mission to remove the marketing-speak from the information people receive in their news.

Bits, Bytes, and Bourbon

@DecryptedTech
TechstrongGroup's profile picture. The power source for people & tech @DevOpsdotcom @securityblvd @ContainerJrnl @DigCxO @Techstrongai @TechstrongTV @PlatformEng_ @TechstrongIT

Techstrong Group

@TechstrongGroup
EndorLabs's profile picture. The AppSec platform built for the AI era. It helps teams find, prioritize, & fix the most critical risks in code, whether written by humans or AI —faster.

Endor Labs

@EndorLabs
binarly_io's profile picture. ⛓️Binarly is the world’s most advanced automated software supply chain security platform.

BINARLY🔬

@binarly_io
CyberSecPlace's profile picture. Cyber Security News in one place! Retweets original Cyber Sec tweets.

Cyber Security News

@CyberSecPlace
SolutionsReview's profile picture. Covering all news in #BigData #CyberSecurity #Wireless #EnterpriseMobility #CloudPlatforms & more; Helping IT professionals find the best possible solutions.

Solutions Review

@SolutionsReview
Cybersecinsider's profile picture. Official Twitter Handle for https://t.co/NzYNXeh06q

CybersecInsider

@Cybersecinsider
AuthorityMgzine's profile picture. In-depth Interviews with Authorities in Pop Culture, Business, Tech, Wellness, & Social Impact. All of our storylines can be seen here https://t.co/RnGNVh3aPs

Authority Magazine

@AuthorityMgzine
BSidesSATX's profile picture. Join us on June 21, 2025!! Register, order swag, & see schedules at https://t.co/Dgs8kdiDy3; Videos at https://t.co/i3ye0g8HAr

BSides San Antonio / BSidesSATX

@BSidesSATX
SecurityBSides's profile picture. Building communities one event at a time. Thirteen years, over eight hundred events, and we're just getting started. @SecurityBSidesGlobal@infosec.exchange

Security BSides

@SecurityBSides
SiliconANGLE's profile picture. Extracting the Signal from the Noise. Where social science meets computer science. The ANGLE on technology. Also the home of @theCUBE #theCUBEresearch

SiliconANGLE

@SiliconANGLE
sjvn's profile picture. Top business & technology journalist with a fondness for dogs, cats, music, theater & books. @sjvn@mastodon.social @sjvn.bsky.social He/Him/His.

Steven J. Vaughan-Nichols

@sjvn
quine's profile picture. Not here much anymore because Space Karen and his acolytes ruined it | @quine@infosec.exchange | @quine.bsky.social | Opinions == mine | he/him/his

Zach Lanier #WearAMask 🇺🇦 #StandWithUkraine

@quine
MrsYisWhy's profile picture. Security Bene Gesserit and professional nerd stalker. Likes long walks in hubsites and searching for spice. Views: definitely those of my puppet overlords.

Mrs. Y.

@MrsYisWhy
allanfriedman's profile picture. #SBOM Champion. Full service technocrat. Now at @CISAgov, formerly NTIA. Lapsed{engineer, academic, author}. Personal Account.

Allan is @allanfriedman on bsky & infosec.exchange

@allanfriedman
SGgrc's profile picture. I didn't want to clutter up the corporate GibsonResearch Twitter account with lots of personal stuff. That's what this one is for.

Steve Gibson

@SGgrc
DataBreachToday's profile picture. https://t.co/W3hdE2tDZS brings you the most up-to-date data breach detection, notification and prevention news. Part of the @ISMG_News network.

DataBreachToday

@DataBreachToday
fintanr's profile picture. Competitive Insights at @github, much #AI, but still tracking #DevSecOps & #Cloud l recovering analyst (ex @redmonk, @Gartner_Inc) | 331 ppm

Fintan Ryan

@fintanr
ttaulli's profile picture. Advisory board member (TadHealth, MeasureSquare) | Founder & tech strategist on AI/agentic AI | Author of Building AI Agents and AI-Assisted Programming

tom taulli

@ttaulli
PythonLibHunt's profile picture. Your go-to Python Toolbox

Python LibHunt

@PythonLibHunt
the_jvan's profile picture. Founder @SoberInCyber. Cybersecurity marketer, natural habitat = hunched over a laptop sipping ☕. Fan of books, reptiles, fairies, and my geeky hubby 🌵

Jen VanAntwerp 👋

@the_jvan
eSecurityPlanet's profile picture. The latest #cybersecurity news, products, and trends on the planet. 💻 🔑🌐

eSecurityPlanet

@eSecurityPlanet
securityweekly's profile picture. Founder of Security Weekly, Principal Security Evangelist at Eclypsium

Paul Asadoorian @[email protected]

@securityweekly
DayOfShecurity's profile picture. Thank you to everyone who helped make events a huge success for #DayofShecurity! Follow us here and on LinkedIn for info about upcoming events. Here's to '23!

Day of Shecurity

@DayOfShecurity
SecurityEditor's profile picture. VP of Editorial at @ISMG_News, the source for business/security insights.

Tom Field

@SecurityEditor
HackingLZ's profile picture. CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars

Justin Elze

@HackingLZ
seanjregan's profile picture. Product Marketing Craft Leader @servicenow | BOD @Hypothes_is & @laketahoesnowmobilers | Dad| Skier | Investor/Advisor @DeviatePartners |Ex-PMM Lead @Atlassian

Sean Regan

@seanjregan
utollwi's profile picture. B2B Marketing Executive- Love: #Cloud | #Cybersecurity | #SaaS | #B2B | #Boston @utollwi.bsky.social Curation & Posts by me, not my employer @ElisityInc

William Toll

@utollwi
PR0GRAMMERHUM0R's profile picture. r/ProgrammerHumor

Programmer Humor

@PR0GRAMMERHUM0R
zachtrexler's profile picture. infosec? cybersecurity?

zach trexler

@zachtrexler
realpython's profile picture. Online #Python Training & Expert Community: Tutorials, Video Courses, Books, Quizzes...and More! Join 1M+ Pythonistas at https://t.co/VpjtGxdL7J

Real Python

@realpython
fsyscall's profile picture. @thepsf Triage Member | Focusing on CPython #LKD #Python #ArchLinux #Django #eBPF

furkanonder

@fsyscall
BlackTechLadies's profile picture. Founded in 2022, Black Tech Ladies is a community that's meant to empower black ladies who're in tech or looking to get involved. Stay tune for more details.

Black Tech Ladies

@BlackTechLadies
fuller_deana's profile picture. compliance champion, global #privacy #security. love tats & summer #gardens #bees #butterflies & fresh tomatoes. #WomeninTech #pinksocks

Deana

@fuller_deana
serghei's profile picture. Cybersecurity/tech reporter @BleepinComputer Signal: serghei.33

Sergiu Gatlan

@serghei
Ax_Sharma's profile picture. Infosec Researcher, Journalist | 📰 Bylines + seen on 📸 BBC, BleepingComputer, Channel 5, TechCrunch, WIRED | 🦋 Bluesky: https://t.co/7LQOdDSG1o | ✉️ ax@hey.ax

Ax Sharma

@Ax_Sharma

United States Trends

You might like

Something went wrong.


Something went wrong.