Olivia
Online
Phylum
@Phylum_IO
Phylum automates software supply chain security to contextualize risks, block attacks and allow organizations to only use trusted open-source code.
Joined August 2020
374 Following
328 Followers
401 Posts
๐ข Breaking news: Weโre beyond excited to announce that our malicious package analysis, detection, and mitigation technology has been acquired by @Veracode! Together, weโll take software supply chain security to the next level. Read more below:
https://t.co/MvoT1ikKlN
Phylum Exclusive Research Report by #CEO, Aaron Bray โ๏ธ 2025 Software Supply Chain Security Trends & Predictions: AI, Shadow Application Development and Nation-State Attacks - https://t.co/bj6BGDs1i1
#phylumresearch #softwaresupplychainsecurity #2025trends #CEOinsights
"In Q3 2024, Phylum identified 465,897 malicious packages in the software supply chain open source ecosystem." Read the latest Evolution of Software Supply Chain Security Report via the Phylum Research Team - https://t.co/uKk9SjsdKY [7 min read]
#DevOps #CISO #opensourceecosystem
Q3 2024 Evolution of Software Supply Chain Security Report via the Phylum Research Team - https://t.co/uKk9SjsLAw
#malciouspackages #npm #opensourceecosystem #DevOps #CISO #AppSec #acceptableuse #softwaresupplychainsecurity #CybersecurityAwarenessMonth #CyberSecurity
Who to follow
3xp0rt 
@3xp0rtblog
Malware and cybercrime | Cyber Threat Intelligence Analyst at @PRODAFT https://t.co/FMGOkGnMR8
Checkmarx
@Checkmarx
Checkmarx is how the worldโs largest enterprises can finally get ahead of application risk without slowing down development.
Red Hat Developer
@rhdevelopers
Red Hat Developer program provides no-cost software subscriptions, tutorials, and career insights to enterprise software developers and architects.
๐ Trick or treat? #Malware authors opted for the former with a series of malicious #npm packages targeting #Puppeteer users in an ongoing #typosquat campaign!
https://t.co/OP3d1v6jw6
#nodejs #npm #ethereum #opensource #javascript #cryptocurrency #cybersecurity #infosec
Subscribe to Phylum Research โ๏ธ New Report Coming Soon ๐ https://t.co/gDWUBbSCeq
#opensource #techcommunity #opensourceecosystem #softwaresupplychain #devops #CISO #AppSec #acceptableuse #techcommunity #developercommunity
Have you ever had your private #crypto keys stolen? #Malware authors have published forks of the popular Ethers library that exfiltrate private keys & give attackers #SSH access to infected machines.
https://t.co/kHS1q6DqYH
#npm #opensource #security #ethereum #cryptocurrency
@__grunet @SocketSecurity @nuget Weโve got support for dotnet and Nuget already, and have written a few research blogs on findings in those ecosystems!
Phylum For Artifact Repositories and Package Managers
https://t.co/pGWLveupMk
#opensource #techcommunity #opensourceecosystem #softwaresupplychain #DevOps #CISO #AppSec #acceptableuse #machinelearning #techcommunity #developercommunity
๐ฐ๐ตโ ๏ธ Multiple #NorthKorean state actors continue running #malware campaigns against #npm #developers, stealing credentials and financial assets.
https://t.co/WjzUlRDAoo
#dprk #moonsleet #contagiousinterview #CyberSecurity #javascript #opensource
@t3dotgg We loved the video โฅ๏ธ
@ianbishop2021 Thanks for the heads up! Reviewed on our side, and it seems to be resolving properly! We'll keep an eye on it ๐
In the last 6 months, roughly 70% of new #npm packages were #spam. What does this mean for supply chain security?
At Black Hat USA? Find us in Startup City booth SC203!
#npmjs #node #javascript #typescript #infosec #opensource
https://t.co/rKbWsiQrXC
Code sneaked into fake AWS downloaded hundreds of times backdoored dev devices https://t.co/YVcztbQMaa
We've uncovered #malware hidden in a Microsoft logo JPG, shipping as fake #AWS packages on #npm! ๐ฒ
https://t.co/BCm2vgbiKJ
#steganography #opensource #cybersecurity #npmjs #javascript #typescript #SoftwareDevelopment #informationsecurity
Advanced threat actors have not let up on their attacks against the software supply chain. We catalog recent attacks from North Korean state actors in our new blog post!
#npm #javascript #typescript #malware #cybersecurity #npmjs
https://t.co/nawJmpwr7o
@nh0x01 Technically speaking, jsdelivr will auto-convert any Github link into a resource it serves. So, as long as it's on GH, any CDN resources should be valid. With that said, we've tried to find instances of resources in our write-up that are being used, and they seem to be gone!
Supply chain attacks come in all shapes and sizes. Today Phylum Research discusses its discovery of malicious #jQuery files in #npm.
https://t.co/BJeH8ScTB0
#javascript #opensource #sbom #js #npmjs #node #CyberSecurity
Last Seen Users on Sotwe
เธฅเธธเธเนเธ
Seen from Thailand
East Coast Productions ๐ฌ๐
Seen from Lebanon
kapalฤฑ sever
Seen from Turkey
ูุญู ูููุชู๐ฐ๐ผ๐ฅ
Seen from United States
เธเธงเธขเธเธตเธ เธเธฃเธฐเธฃเธฒเธก2 เธเธฒเธเธเธญเธ เธซเธกเธนเนเธเนเธฒเธเธเธตเนเธ
Seen from Thailand
Stw bangett
Seen from Indonesia
Maryู
ุงุฑู ๐
ince รงorap sever
Seen from Turkey
Adana Sinem Derin
Seen from Turkey
cd ap tugba
Seen from Turkey
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers