Solutions
Platform
Checkmarx One Platform
SAST
SCA
AI Security
API Security
ASPM
Codebashing
Container Security
DAST
IaC Security
Malicious Package Protection
SBOM
SSCS
Solutions
Code to Cloud
Developer Experience
DevSecOps
Supply Chain
Services
Support
Services
Maturity Assessment
Pricing
Plans & Packages
Partners
Partners
Our Partner Programs
Find a Partner
Programs
Channel Partners
GSI
Tech Partners
Existing Partners
Partner Portal
Academy
Partner Hub
Company
Checkmarx
About Us
Customers
Leadership
Awards & Recognition
News
Events
People
Careers at Checkmarx
Research
Checkmarx Zero
Get In Touch
Contact Us
Support Portal
Resources
Engage
Documentation
Packaging
Discover
Blog
Knowledge Hub
Case Studies
Events
News
Press Releases
E-books
White Papers
More resources
Checklist
Infographics & Interactives
Research & Reports
Solution Briefs
Videos
Webinars
Glossary
All Resources
Contact Us
Get a demo
Get a Demo
Yehuda Gelb
August 29, 2024
Year-Long Campaign of Malicious npm Packages Targeting Roblox Users
Read More
August 1, 2024
StackExchange Abused to Spread Malicious Python Package That Drains Victims’ Crypto Wallets
Read More
July 26, 2024
Malicious Python Package Targets macOS Developers To Access Their GCP Accounts
Read More
July 15, 2024
Malicious Python Packages Reveal Extensive Cybercriminal Operation Based in Iraq
Read More
June 28, 2024
Alert: CDN Service “polyfill.io” Used by 100K+ Websites Provided Malicious Code in Responses
Read More
April 10, 2024
New Technique to Trick Developers Detected in an Open Source Supply Chain Attack
Read More
March 4, 2024
GitHub Repos Used for Distributing Malware
Read More
February 26, 2024
Tornado Cash Theft Uncovered: Malicious Code Drains Funds for Months
Read More
February 8, 2024
The Hidden Dangers of Abandoned Digital Assets in Open-Source Ecosystems
Read More
December 22, 2023
Python Packages Leverage GitHub to Deploy Fileless Malware
Read More
December 12, 2023
How one country is impacting supply chains
Read More
November 16, 2023
Attacker – hidden in plain sight for nearly six months – targeting Python developers
Read More
November 8, 2023
Python obfuscation traps
Read More
November 1, 2023
The mosaic of 2023’s Software Supply Chain threats
Read More
October 12, 2023
Users of Telegram, AWS, and Alibaba Cloud targeted in latest supply chain attack
Read More
October 3, 2023
The evolutionary tale of a persistent Python threat
Read More
September 19, 2023
Attacker Unleashes Stealthy Crypto Mining via Malicious Python Package
Read More
September 7, 2023
A Deep Dive into 70 Layers of Obfuscated Info-Stealer Malware
Read More
September 5, 2023
Threat Actor Continues to Plague the Open-Source Ecosystem with Sophisticated Info-Stealing Malware
Read More
August 30, 2023
An Ongoing Open Source Attack Reveals Roots Dating Back To 2021
Read More
February 21, 2023
How NPM Packages Were Used to Spread Phishing Links
Read More
August 26, 2022
Automatic Execution of Code Upon Package Download on Python Package Manager
Read More