CVSS Scores

Sonatype Report Flags Industrialized Open‑Source Malware as Downloads Reach 9.8 Trillion

The 2026 analysis details a shift to install‑time attacks that target developer environments through large‑scale registry abuse.