Safeguard
Tag

malicious-packages

Safeguard articles tagged "malicious-packages" — guides, analysis, and best practices for software supply chain and application security.

44 articles

Open Source Security

npm supply chain attacks via malicious postinstall scripts

How a single postinstall hook in a compromised npm package can run malware at install time, real incidents from 2018-2025, and how to defend against it.

Jan 25, 20267 min read
Open Source Security

State of npm supply chain attacks

Maintainer phishing, self-propagating worms, and mass-download packages compromised: a look at the npm supply chain attack trends reshaping open source risk.

Nov 30, 20257 min read
Open Source Security

npm typosquatting campaigns roundup

A roundup of npm typosquatting campaign patterns, from dependency confusion to AI-tooling lookalikes, and how teams can detect exposure fast.

Nov 30, 20257 min read
Open Source Security

PyPI typosquatting and malicious package report

A 2026 look at PyPI typosquatting trends: attack patterns, CI/CD targeting, info-stealer payloads, and how to defend the Python supply chain.

Nov 28, 20257 min read
Open Source Security

Typosquatting in the Go module ecosystem

Typosquatting is surging across the Go module ecosystem, exploiting decentralized import paths and an immutable checksum database that makes takedowns nearly meaningless.

Nov 20, 20257 min read
Open Source Security

NuGet typosquatting campaign report

Four disclosed NuGet typosquatting campaigns since 2024 reveal a shift toward patient, audience-specific attacks — from ICS time bombs to wallet-draining homoglyphs.

Nov 15, 20257 min read
Open Source Security

Malicious Composer packages on Packagist

Three malicious Composer package campaigns hit Packagist in under a year -- each sitting undetected for months. Here's what happened and how to catch the next one faster.

Nov 13, 20257 min read
Open Source Security

Malicious Rust crates found on crates.io

Malicious crates keep surfacing on crates.io, from the rustdecimal typosquat to build-script payload attacks. Here's how the pattern works and how to defend against it.

Nov 11, 20257 min read
Open Source Security

RustSec advisory database trend report

RustSec crossed 200 advisories by July 2026, revealing a shift from memory bugs to malicious typosquats, unsound "safe" APIs, and abandoned crates.

Nov 11, 20258 min read
Open Source Security

Typosquatting on crates.io report

Safeguard's research team scanned all of crates.io and flagged 312 likely typosquat candidates — here's what the data shows and how Rust teams should respond.

Nov 10, 20257 min read
Open Source Security

How Snyk detects malicious and typosquatted open-source p...

How Snyk's research team detects malicious and typosquatted open-source packages — from name-similarity heuristics to install-script analysis and source-code provenance checks.

Aug 25, 20256 min read
Open Source Security

How Dependency Graphs Reveal Hidden Supply Chain Risk

Dependency graph analysis reveals which transitive packages can actually reach your code. From Log4Shell to the xz backdoor, see why flat scans miss what graphs catch.

Aug 12, 20258 min read
malicious-packages (Page 3) — Safeguard Blog