Sonatype’s 2024 Open Source Malware Threat Report reveals that the number of malicious packages has surpassed 778,500 since tracking began in 2019. In 2024, researchers examined how threat actors leverage malicious open-source packages to target developers, particularly as enterprises increasingly adopt open-source tools to build custom AI models.

Source: Sonatype

Open source malware thrives in ecosystems with low entry barriers, no author verification, high usage, and diverse users. Platforms like npm and PyPI, which handle …

The post Open source malware up 200% since 2023 appeared first on Help Net Security.