Open Source Malware on the Rise
Open source malware refers to malicious code hidden within publicly shared software packages on platforms like npm, PyPI, and Hugging Face.
These platforms host free tools that developers use, making them a target for criminals who want to embed harmful code into trusted systems.
Alarming Statistics
- Sonatype's Open Source Malware Index recorded 34,319 malicious packages in the third quarter of this year.
- In total, Sonatype found 877,522 malicious packages in the last 6 years.
Attackers are now patient and well organised, using AI to embed malware directly into the tools developers rely on.
This new generation of malware is designed to look ordinary while stealing data or keeping long-term access to systems, focusing on stealth rather than noisy attacks.
Author's summary: Open source malware is rising due to AI-embedded attacks.
More News
- How former Gonzaga stars perform in NBA
- Pelicans' Questionable Offseason Trade Looks Better After Saddiq Bey's Rise
- Guadeloupean artist Kelly Sinnapah Mary wins French art prize at Art Basel Miami Beach
- NBA: Spurs at Timberwolves
- Spurs' Kelly Olynyk: Ongoing Decline in Playing Time and Role
- Kelly Osbourne — Instagram Snapshot
- When does 2026 F1 season start?
- Lightning vs. Islanders Prediction, Odds, Picks - Dec. 6
- Game Preview: Islanders vs Lightning
- Lando Norris wins his first F1 title despite Max Verstappen victory: Live updates and reaction