"Open Source Repository Attacks Soar 700% in Three Years"

Security researchers at Sonatype have found that the volume of malicious activity targeting upstream open source code repositories has grown by triple digits over the past three years. In newly released data, the security vendor claimed to have detected a 700% rise in attacks designed to plant malware in software components, which can cause havoc when DevOps teams use these components downstream. The researchers identified over 55,000 newly published packages as malicious in various open source repositories over the past year, and nearly 95,000 over the past three years. They noted that almost every modern business relies on open source code, and that stopping malicious components before they come in the door is a fundamental element of risk prevention that should be part of every conversation about protecting software supply chains.

 

Infosecurity reports: "Open Source Repository Attacks Soar 700% in Three Years"

Submitted by Anonymous on