"New Vulnerabilities in Open Source Packages Down 20% Compared to Last Year"

Researchers at Snyk have discovered that new vulnerabilities in open source packages are down 20 percent compared to last year, suggesting that the security of open source containers and packages are heading in a positive direction.  Cross-site scripting vulnerabilities were the most commonly found by the researchers.  They also found that SQL Injection vulnerabilities are decreasing prevalence in most ecosystems, but have increased over the last three years in PHP packages.  

Help Net Security reports: "New Vulnerabilities in Open Source Packages Down 20% Compared to Last Year"