Sonatype Reports 156% Increase in OSS Malicious Packages
A new Sonatype report reveals a 156% surge in open source malware, with over 704,102 malicious packages identified since 2019, as OSS adoption continues to skyrocket
Adoption of new technologies can alter an organisation’s attack surface, requiring security controls, testing, and risk management to change.
Search across headline titles and summaries.
Background for this topic.
Adoption is the extent to which people and organizations begin using a security technology, control, policy, or practice and incorporate it into routine work. In cybersecurity, adoption is more than purchasing or deploying a capability: it includes correct configuration, user participation, and continued use. Examples include enabling multifactor authentication, applying security patches, using secure coding practices, and collecting logs from systems that require monitoring.
Adoption matters because uneven or incomplete use leaves exploitable gaps. A partially deployed authentication control may protect some accounts while others remain exposed; delayed patch adoption can leave known vulnerabilities available to attackers; and missing or poorly configured logging can limit detection and investigation. Practitioners therefore assess coverage, exceptions, configuration quality, and whether controls operate as intended. Training, usable workflows, staged rollout, and measured policy compliance can improve adoption without encouraging insecure workarounds or unnecessary collection of personal data.
A new Sonatype report reveals a 156% surge in open source malware, with over 704,102 malicious packages identified since 2019, as OSS adoption continues to skyrocket
Thomvest Ventures Leads Series B Funding to Support Privacy and Security ComplianceRelyance AI raised $32 million in Series B funding to grow its data governance platform. The funds will be used to scale operations, enhance real-time data visibility, and support enterprises in complying with complex global privacy regulations, ensuring responsible AI adoption across industries.