Sonatype Report Flags Industrialized Open‑Source Malware as Downloads Reach 9.8 Trillion

The 2026 analysis details a shift to install‑time attacks that target developer environments through large‑scale registry abuse.

Overview

  • Researchers logged 454,648 new malicious packages in 2025, with the total catalog surpassing 1.233 million across major ecosystems.
  • Open‑source consumption climbed to 9.8 trillion downloads last year, and 86% of Maven Central traffic came from cloud providers, reflecting automated, repeat builds.
  • Malware campaigns increasingly use public registries to seed initial access into CI/CD pipelines and developer machines; npm carries the highest volume, and malicious packages are rapidly republished after takedowns.
  • AI introduced new failure modes: in testing of roughly 37,000 LLM‑assisted dependency upgrades, about 28% produced hallucinated versions or unsafe picks, including instances of recommending malicious packages.
  • Severe risk persists as 40% of vulnerable Maven releases and 39% of NuGet releases scored CVSS 9.0+, two‑thirds of OSS CVEs lacked NVD scoring, and Log4Shell still saw 42 million downloads in 2025.