Tagged: Brian Fox

Sonatype’s Q3 Open Source Malware Index Shows Hackers Are Playing the Long Game

Sonatype, a provider of AI-centric DevSecOps, this week released the Open Source Malware Index, Q3 2025, which analyzed 34,319 open source malware packages discovered by Sonatype across major open source registries, including npm, PyPI, Hugging Face, and more. This quarter’s count brings the total number of…

Sonatype Report Shows Malware Surge

Sonatype, a software supply chain security company, this week released the Q2 2025 edition of its Open Source Malware Index, uncovering 16,279 malicious open source packages across major ecosystems including npm and PyPI. This quarter’s count brings the total number of open source malware packages Sonatype has discovered…
