Less malware, more risk: The changing face of open-source security

Instances of malware on open-source software repositories dropped in 2024 — but OSS risk is on the rise. Here’s what you need to know.

Paul Roberts, Director of Content and Editorial at RL

The ReversingLabs research team found some good news when it comes to the security of open-source software (OSS): Incidents of malware lurking on OSS repositories dropped dramatically in 2024, data from RL’s "2025 Software Supply Chain Security Report" shows. But there's bad news too. Despite the decline in malware, software supply chain risks coming from OSS grew last year.

The third annual report found that attacks targeting OSS packages and the development organizations that rely on them were common in the past year, despite efforts to improve the security of popular package managers.

Here's what your organization needs to know about the changing face of OSS risk.

Download: 2025 Software Supply Chain Security ReportSee the SSCS Report Webinar

The weakest link: Volunteer labor at OSS repos

The incidents highlighted in RL’s report include the sophisticated, years-long campaign to infiltrate the XZ Utils open-source project, which was first reported in March of last year. The campaign culminated in a malicious actor who was using the handle “Jia Tan” (JiaT75) being elevated to package maintainer for the XZ Utils project and then injecting malicious code into two versions of the widely used XZ Utils compression library. The code allowed attackers with a private key to gain access to affected Linux systems.

That attack played on a long-recognized weakness in OSS: its reliance on unpaid, volunteer labor to contribute to the code and even manage what are often popular code modules that sport hundreds or even thousands of dependent applications. In the case of XZ Utils, malicious actors targeted Lasse Collin, the longtime maintainer of XZ Utils, with “Jia Tan” gaining his trust through a series of legitimate code contributions and a chorus of “sock puppet” developer accounts raising complaints about XZ Utils and hounding Collin to do more to update the project.

Bad actors exploit OSS infrastructure

Targeted, hands-on attacks on overworked OSS maintainers weren’t the only threat facing open source projects and the software developers and producers that rely on them. In the past year, malicious actors leveraged flaws in OSS package managers to further their goals, including:

Ultralytics attack: In December, attackers used a GitHub Actions script-injection flaw to breach the Ultralytics AI library’s build environment, steal API tokens, and implant malicious code.
SSH key theft at npm: In January 2024, researchers found that two npm packages (warbeast2000, kodiak2k) were stealing SSH keys from developer systems and storing them on GitHub.

A glimmer of hope: Less malware

All this malicious activity comes amid a notable drop in instances of malicious code on open-source package managers. Data from RL’s Spectra Assure software supply chain security tool shows a steep decline in malicious packages detected on common OSS platforms, including:

npm, Python Package Index (PyPI), and RubyGems: Combined, incidents of malicious packages being detected on the three main open-source repositories declined by 70% between 2023 and 2024.
PyPI: Detections of malicious packages on PyPI dropped by 87% in the first nine months of 2024, and 6,500 fewer malicious packages were detected in 2024 compared to 2023.

bar graph showing drop in malware from 2023 to 2024

The drop follows years of rapidly increasing malware incidents on open-source package managers. Between 2020 and 2023, RL researchers noted a 1,300% jump in instances of malicious code on OSS repos. In RL's 2024 report, researchers noted that growth slowed in 2023 and then dropped dramatically. Much of this decline is attributed to improved OSS security measures, including:

Mandatory two-factor authentication (2FA) in major OSS package managers strengthened access control.
OpenSSF's Malicious Packages Repository, launched in 2023, has improved threat detection and coordination for OSS code.

Chronic OSS problems, chronic risks

So how is it that OSS risk continues to grow? A variety of OSS security failings are now fueling malicious campaigns. Those include endemic problems such as leaked developer secrets, which expose sensitive credentials, API tokens, and other information. RL researchers noted a 12% increase in secrets leaks in 2024, even as the number of malware incidents dropped. Such leaks can allow bad actors to carry out attacks on downstream organizations.

Then there's the chronic insecurity of OSS code. For its 2025 Software Supply Chain Security Report, RL researchers scanned the top 30 OSS packages from the repositories npm, PyPI, and RubyGems to get a sense of the overall quality of these high-traffic packages. The findings, including these, were sobering:

Vulnerabilities are getting more severe. An average of 68 vulnerabilities across the 30 packages that RL scanned contained an average of six critical-severity and 33 high-severity vulnerabilities per package.
“Code rot” — a reliance on old, unmanaged, and out-of-date code — runs rampant. Some widely used OSS packages with thousands or millions of weekly downloads have gone years without an update and are full of exploitable vulnerabilities.

Even actively managed OSS projects routinely are afflicted with code rot. For example, in RL's 2025 report, researchers analyzed Torchvision, a Python package with 3.4 million weekly downloads — and 10 package updates in the last year. RL identified 45 vulnerabilities in the latest, scanned version of the package, four dating back more than six years. The vulnerabilities also include eight with a critical-severity rating and 24 with a high-severity rating. One is considered “patch-mandated” — and is being actively exploited by malware.

Popularity does not equal security

The message for software publishers and their customers is clear: When it comes to using OSS, don’t equate popularity and downloads with security and code quality. Open-source projects, like their closed-source counterparts, regularly turn a blind eye to security issues in their rush to push out new features.

With Torchvision, for example, the level of total-severity, critical-severity, and high-severity vulnerabilities stayed more or less constant across the 10 most recent software releases. Our analysis found that many other popular packages on major open-source repositories contain similar collections of critical and exploitable holes as well as other security risks.

Knowing about these in advance can empower your development organization’s decision about which OSS packages to incorporate into your applications and enable you to mitigate security risks before malicious attackers discover and exploit them. That makes it critical to have the tools needed to peer into and assess the OSS and commercial, third-party software you produce and consume.

Get a deeper understanding of OSS risk — and how to properly manage it — with RL’s 2025 Software Supply Chain Security Report.

Keep learning

Read the 2025 Gartner® Market Guide to Software Supply Chain Security. Plus: Join RL's May 28 webinar for expert insights.
Get the white paper: Go Beyond the SBOM. Plus: See the Webinar: Welcome CycloneDX xBOM.
Go big-picture on the software risk landscape with RL's 2025 Software Supply Chain Security Report. Plus: See our Webinar for discussion about the findings.
Get up to speed on securing AI/ML with our white paper: AI Is the Supply Chain. Plus: See RL's research on nullifAI and replay our Webinar to learn how RL discovered the novel threat.
Learn how commercial software risk is under-addressed: Download the white paper — and see our related Webinar for more insights.

Explore RL's Spectra suite: Spectra Assure for software supply chain security, Spectra Detect for scalable file analysis, Spectra Analyze for malware analysis and threat hunting, and Spectra Intelligence for reputation data and intelligence.

Tags:AppSec & Supply Chain Security