2024 in Open Source Malware Report
Sonatype has identified 778,529 pieces of open source malware. Explore the trends and insights from our research.
Explore open source malware insights
As enterprise developers flock to open source to build custom AI models, open source malware continues to reach new heights. To date, Sonatype has identified 778,529 pieces of open source malware since starting to track in 2019.
In this report, Sonatype researchers dive into the proliferation of open source malware in 2024, provide insights as to how threat actors use malicious open source packages to target developers, outline the most prominent campaigns of the year, and offer best practices to prevent open source malware from entering the software development lifecycle.