Safeguard
Tag

malware

Safeguard articles tagged "malware" — guides, analysis, and best practices for software supply chain and application security.

32 articles

Research

OSS Malware Trends Q1 2026 (Safeguard Research)

The Safeguard Research team analyzed first-quarter 2026 malicious package telemetry across npm, PyPI, RubyGems, and crates.io. Here is what the data shows.

Jan 22, 20267 min read
Open Source Security

Malicious npm packages targeting developers in 2025

A year-end look at 2025's npm supply chain attacks—chalk/debug phishing, the Shai-Hulud worm, and industrialized malware campaigns—and how to defend against them.

Nov 30, 20257 min read
Container Security

Docker Hub malicious image report

Researchers estimate roughly 3% of public Docker Hub images carry malicious payloads. Here's what's inside them, how they spread, and how to defend your pipeline.

Nov 18, 20257 min read
Container Security

Docker Hub typosquatting of official images

Attackers are cloning popular Docker Official Images under lookalike names, tricking `docker pull` into fetching malware instead of trusted base images.

Nov 17, 20257 min read
Supply Chain Security

PyPI Malicious Packages 2025: Python's Growing Supply Chain Problem

PyPI faced a surge of malicious package uploads in early 2025, targeting data science, AI/ML, and cloud development workflows. Here's the full picture.

Mar 28, 20256 min read
Threat Intelligence

Office Document Macro Security: The Attack Vector That Will Not Die

Microsoft disabled macros by default in 2022. Attackers adapted. The macro threat has evolved, not disappeared.

Sep 8, 20245 min read
Open Source Security

PyPI Supply Chain Attacks: Q1 2024 Roundup

Q1 2024 brought typosquats, stealer campaigns, and a week-long new-user freeze on PyPI. Here is what the attacks looked like and how to defend.

Apr 22, 20245 min read
Vulnerability Management

PDF Supply Chain Attack Vectors: When Documents Become Weapons

PDFs are trusted by default in most organizations. That trust makes them a potent vector for supply chain attacks. Here is how the attacks work.

Feb 22, 20245 min read
Supply Chain Attacks

Massive PyPI Malware Campaign Targets Developers with Credential Stealers

A sustained campaign flooded PyPI with hundreds of malicious packages using typosquatting and dependency confusion to steal credentials and cryptocurrency from developers.

Sep 5, 20235 min read
Vulnerability Analysis

WinRAR Zero-Day CVE-2023-38831: Weaponized Archives in the Wild

A WinRAR vulnerability exploited since April 2023 allowed attackers to execute arbitrary code when users opened seemingly harmless files inside ZIP archives.

Aug 20, 20235 min read
Open Source Security

The March 2023 PyPI Malware Wave

PyPI paused new user registration for most of May 20-23 after a March wave of typosquats and info-stealers flooded the index. Here is what happened and why.

Mar 28, 20235 min read
Supply Chain Attacks

ESLint Supply Chain Attack: Malicious npm Packages Targeting Developers

Attackers published malicious packages impersonating ESLint on npm, exploiting developer trust in the popular linting tool to steal credentials.

Feb 3, 20236 min read
malware (Page 2) — Safeguard Blog