Open source has a malware problem, and it’s getting worse

AI malware can now evade Microsoft Defender — open-source LLM outsmarts tool around 8% of the time after three months of training - WorldNL Magazine

(Image credit: Shutterstock) The cybersecurity industry's giving Chicken Little a run for his money. Companies have been quick to proclaim that AI will fundamentally change the security landscape, which means every new capability added to a large language model (LLM) can be made into a "the sky is falling" moment, with the latest example being the development of AI malware that can successfully work around Microsoft Defender.Dark Reading report…

The Solidity Language open-source package was used in a $500,000 crypto heist

Attacks that leverage malicious open-source packages are becoming a major and growing threat. This type of attacks currently seems commonplace, with reports of infected packages in repositories like PyPI or npm appearing almost daily. It would seem that increased scrutiny from researchers on these repositories should have long ago minimized the profits for cybercriminals trying to make a fortune from malicious packages. However, our investigatio…

Open Source Has A Malware Problem, And It's Getting Worse - Cybernoz - Cybersecurity News

Sonatype has published its Q2 2025 Open Source Malware Index, identifying 16,279 malicious open source packages across major ecosystems such as npm and PyPI. This brings the total number of malware packages discovered by the company to 845,204. Compared to the same quarter last year, the volume of detected malware has jumped by 188%, highlighting the escalating scale and sophistication of attacks targeting developers, software teams, and CI/CD p…

Open source has a malware problem, and it’s getting worse

Sonatype has published its Q2 2025 Open Source Malware Index, identifying 16,279 malicious open source packages across major ecosystems such as npm and PyPI. This brings the total number of malware packages discovered by the company to 845,204. Compared to… Read more → The post Open source has a malware problem, and it’s getting worse appeared first on IT Security News.

Open source has a malware problem, and it's getting worse - Help Net Security

Sonatype has published its Q2 2025 Open Source Malware Index, identifying 16,279 malicious open source packages across major ecosystems such as npm and PyPI. This brings the total number of malware packages discovered by the company to 845,204. Compared to the same quarter last year, the volume of detected malware has jumped by 188%, highlighting the escalating scale and sophistication of attacks targeting developers, software teams, and CI/CD p…