top | item 39857633

(no title)

I'm one of the co-founders @ Phylum. We've been tracking this campaign [1] (along with several other unrelated ones). The collective group of security researchers (Shoutout to https://vipyrsec.com/) in our Discord have been reporting these packages to PyPI for removal. If this is something you'd be interested in helping with, please join our Discord (https://discord.gg/Fe6pr5eW6p)!

Besides the gigantic analytics platform we've constructed to monitor supply chain attacks targeting open source, we've also open sourced a few tools to better mitigate attacks targeting developers. For example, a sandbox to minimize the impacts of malicious packages during installation [2] (with a pre-check to our API for known malware), which allows you to do things like

    phylum npm install <pkgName>

Happy to answer any questions about this campaign or others we've uncovered!

1. https://blog.phylum.io/typosquatting-campaign-targets-python...

2. https://github.com/phylum-dev/birdcage

discuss

No comments yet.