Npm Leads Open Source Security Crisis While Malware And Secret Leaks Climb

Open Source Becomes Primary Battleground For Supply Chain Attacks As Malware Packages Surge 73% And Npm Emerges As Dominant Target

ReversingLabs reports a sharp rise in malicious open source packages, with npm driving most attacks as threat actors weaponise widely used dependencies to breach thousands of downstream applications.

Open source has become the primary battleground for software supply-chain attacks, with malicious packages rising 73% year-over-year in 2025, according to the ReversingLabs Software Supply Chain Security Report.

Researchers uncovered more than 10,000 malicious open source packages, with the Node Package Manager (npm) accounting for 90% of all activity, making it the dominant attack vector. The Shai-Hulud campaign alone compromised over 1,000 npm packages in two waves, exposing an estimated 25,000 GitHub repositories.

Python showed improvement, with malware detections on PyPI falling 43%, from 1,575 in 2024 to 891 in 2025.

Risk also grew beyond malware. Exposed developer secrets increased 11% across npm, PyPI, NuGet and RubyGems, with npm and PyPI responsible for 95% of leaks. More than 39,000 secrets were found on npm and nearly 9,300 on PyPI. Google Cloud accounted for 23% of npm exposures and 14% on PyPI, while AWS, Slack and Telegram were also major sources. Smaller applications generated two-thirds of leaks, even as Discord, GitHub and Slack reduced incidents by roughly half.

Tomislav Pericin, Chief Software Architect at ReversingLabs, said:
“Instead of targeting little-used open source projects supported by a handful of maintainers, cybercriminals are now focusing on widely used open source software projects through which malware can be injected into thousands of downstream applications.”

He urged organisations to move from passive trust to stricter reviews, contractual enforcement and security attestations, warning that AI-driven development will amplify risks unless governance improves.
