Malicious packages on npm, PyPI, and other registries increased 156% year-over-year to over 512,000 in 2024, and registries lack the staff to review them

Sonatype's 2024 State of the Software Supply Chain report documented 512,847 malicious packages discovered across open source registries in a single year, a 156% increase over the previous year, with techniques including typosquatting, dependency confusion, and protestware. In 2025, malware on open source platforms rose a further 73%. Why it matters: developers install malicious packages that steal credentials, SSH keys, and crypto wallets from development machines, so compromised developer credentials provide access to production systems and source code repositories, so attackers use stolen npm tokens to publish trojanized versions of legitimate packages, so the malicious package becomes a force multiplier infecting all downstream consumers, so trust in the entire open source package ecosystem erodes, slowing adoption and increasing costs. The structural root cause is that package registries like npm (with 2.5+ million packages) and PyPI operate with minimal staff -- npm has no pre-publication security review, anyone can publish any package name, and the registries rely on post-hoc detection by volunteer security researchers and automated scanners rather than preventing malicious uploads, because the registries were designed for developer convenience in an era before software supply chain attacks became industrialized.