eWeek

Open Source Malware Surges 140% in Q3

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...

Sonatype Releases Q1 2026 Open Source Malware Index: Trust Abuse Most Successful Attack Vector

Backed by Sonatype's industry-leading security research team, Sonatype Repository Firewall helped customers prevent 136,107 open source malware attacks in Q1. To explore the full findings from the Q1 ...
Security Boulevard

Self-Propagating npm Malware Turns Trusted Packages Into Attack Paths

TL;DR An open source malware campaign dubbed CanisterSprawl has been observed in npm, stealing sensitive data from developer ...
SiliconANGLE

Sonatype report finds 188% spike in open-source malware in the second quarter

Software supply chain management firm Sonatype Inc. today said it found a sharp rise in malicious activity targeting software developers and supply chains in the second quarter. The company’s Q2 2025 ...
Seeking Alpha

Malware Targeting Developers Reaches 845K Packages According to Sonatype Open Source Malware Index

Sonatype®, the end-to-end software supply chain security company, today released the Q2 2025 edition of its Open Source Malware Index, uncovering 16,279 malicious open source packages across major ...
Dark Reading

Malicious Open Source Packages Spike 188% YoY

Due to automation and a high-reward, low-risk threat environment, open source malware increased 188% year over year in the second quarter of this year. Supply-chain security vendor Sonatype today ...
Crowdfund Insider

Open-Source Software Malware Surging: Endor Labs

Malware in open source software is no longer a fringe threat–it’s accelerating at an unprecedented rate. In 2025 alone, more than 90% of open source vulnerability (OSV) malware advisories were ...
Business Insider

Open Source Malware Surges 140% in Q3 as Attackers Target Data and Trusted Dependencies

Fulton, Md., Oct. 15, 2025 (GLOBE NEWSWIRE) -- Sonatype®, the leader in AI-centric DevSecOps, today released the Open Source Malware Index, Q3 2025, which analyzed 34,319 open source malware packages ...
GCN

Researchers warn of surge in Stealerium malware attacks

Researchers in cybersecurity are worried about Stealerium, an open-source malware that was theoretically phased out years ago but has now experienced its first unexpected resurgence. According to ...
Crowdfund Insider

Sonatype’s Q3 Open Source Malware Index Shows Hackers Are Playing the Long Game

Sonatype, a provider of AI-centric DevSecOps, this week released the Open Source Malware Index, Q3 2025, which analyzed 34,319 open source malware packages discovered by Sonatype across major open ...
Business Insider

Sonatype Releases Q1 2026 Open Source Malware Index: Trust Abuse Most Successful Attack Vector

Fulton, Md., April 14, 2026 (GLOBE NEWSWIRE) -- Sonatype®, the leader in AI-driven DevSecOps, today unveiled the Q1 2026 Open Source Malware Index, identifying 21,764 malicious open source packages in ...