Malicious packages on open-source registries spiked by 140% in Q3

In Q3 2025, open-source registries saw a massive 140% spike in malicious packages, with over 34,000 new malicious packages detected, according to Sonatype.
This sharp rise increases the risk for developers and organizations, as many apps and services depend on these open-source building blocks.

Hackers are now focusing on stealing developer credentials

Hackers are now focusing on stealing developer credentials and sensitive info, with 37% of malicious packages designed for data theft.
There's also a big jump in "droppers" (malware that installs other malware) and backdoor-loaded packages—up 143% from last quarter.
These tactics make it easier for attackers to stick around undetected and swipe valuable data.

Automated, AI-powered tools are now a must to keep up

With attacks getting smarter and hitting even the most-used software, old-school manual defenses just aren't enough.
Automated, AI-powered tools are now a must to keep up.
If you're building or using apps, locking down your software supply chain is more important than ever.