They’re inserting themselves directly into the software supply chain using malicious open source packages. From 2021 to 2022, the number of malicious packages published has more than quadrupled.
Learn more about how malicious packages work to compromise the software supply chain and how to defend yourself with resources from Mend’s experts on malicious open source packages.