
Open source cyberattacks increasing by 650%, popular projects more vulnerable

September 17, 2021

Sonatype released a report that shows continued strong growth in both the supply of and demand for open source components. On open source security risk, the report records a 650% year-over-year increase in supply chain attacks aimed at upstream public repositories, and a striking dichotomy in the level of known vulnerabilities present in popular versus non-popular project versions.

Based on survey responses collected from 702 software engineering professionals, the research observes a fundamental disconnect between people's subjective beliefs about their software supply chain management practices and the objective results measured across 100,000 applications.

Read More on Help Net Security