Security experts have warned of surging cyber risk in open source ecosystems, having detected three times more malicious packages in 2023 than last year. Sonatype’s 9th Annual State of the Software Supply Chain Report is compiled from proprietary and public data and analysis including dependency update patterns for more than 400 billion Maven Central downloads.

Source: Infosecurity