Open source malware activity during 2025 concentrated on a single objective: executing code inside developer environments, according to Sonatype. The focus reflected a broader shift in supply chain attacks away from end users and toward the tools, machines, and pipelines used to build software in the first place. Key takeaways (Source: Sonatype) Malware campaigns scaled through registries Researchers identified more than 450,000 new malicious open source components during the year. Attackers published large batches of … More →
The post Open-source malware zeroes in on developer environments appeared first on Help Net Security.
http://news.poseidon-us.com/TQdBZG
