Webinar | April 14, 2026 11:00 AM EDT

The Evolution of Open Source Malware

Register Now

The 2026 State of the Software Supply Chain Report (SSCR) highlighted a shift in how open source malware operates: attackers are moving beyond sheer volume toward more targeted, sophisticated attacks on developers and build systems. The result is a tally of 1.233M malicious packages, and the newer ones skew largely toward nontrivial, critical threats.

Now, the Q1 2026 Open Source Malware Index makes that shift explicit.

Join Sonatype's Principal Security Researcher and Director of Product Management as they connect the trends identified in the SSCR with real-world incidents from Q1, breaking down how attackers are evolving and what it means for your organization today.


What You'll Learn:

  • How open source malware has evolved from high-volume registry abuse to trust-based attacks, or "trust abuse", on developer workflows

  • Why trusted tools, transitive dependencies, and release paths are now central parts of the attack surface

  • What incidents like SANDWORM_MODE, the Trivy/LiteLLM compromise, and the axios attack reveal about attacker behavior in 2026

  • How attackers are targeting developer machines and CI/CD environments for credentials, tokens, and persistence

  • Practical strategies to protect your software supply chain before code reaches production

Featured Speakers

Meredith Eisen

Director of Product Management

Garrett Calpouzos

Principal Security Researcher