ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an astounding 1,300% increase in malicious packages from 2020 and an increase of 28% over 2022 when a little more than 8,700 malicious packages were detected. “Over the years, we’ve closely monitored the increase of software supply chain exposures and attacks. This new report reflects the proliferation of malware across open-source and … More

The post Software supply chain attacks are getting easier appeared first on Help Net Security.