Siliconangle


Sonatype report finds 188% spike in open-source malware in the second quarter

  • Sonatype Inc. reported a 188% increase in open-source malware in the second quarter of 2025, with 16,279 newly discovered malicious packages across popular ecosystems.
  • Data exfiltration was the primary threat, with 55% of malicious packages designed to steal sensitive data. Malware targeting data corruption more than doubled during the quarter, now representing over 3% of all malicious packages.
  • Cryptomining malware decreased to 5% of packages, indicating a shift towards more impactful outcomes like credential theft and espionage. The Lazarus Group, a North Korea-linked APT, was associated with 107 malicious packages.
  • Sonatype's Open Source Malware Index noted a rise in advanced nation-state actors using open-source software for cyber espionage and financial crimes. The report is based on the company's proprietary detection systems monitoring npm, PyPI, and Maven Central.
