Open-Source Security Threats Surge Amid Increasing Usage
SC Media, Friday, October 11th, 2024
SiliconAngle reports that malicious open-source packages reached 512,847 during the past 12 months, a 156% year-over-year increase, as downloads for open-source software exceeded 6.6 trillion, most of which were for JavaScript requests.
Such escalating threats, which are exacerbated by being increasingly undetected by traditional security software, have not corresponded to improved security practices, with 95% of flawed OSS components still being downloaded during the past year despite the availability of more secure versions, according to a study from Sonatype.