Malicious open source packages reach 1.346 million as attackers abuse trusted software, release paths, and developer workflows

Fulton, Md. – April 14, 2026 – Sonatype®, the leader in AI-driven DevSecOps, today unveiled the Q1 2026 Open Source Malware Index, identifying 21,764 malicious open source packages in the first quarter of the year and bringing the total logged since 2017 to 1,346,867. The npm registry continues to be the target of most new malicious attacks, at 75%, with the quarter defined by credential theft, host reconnaissance, and staged payload delivery aimed at developer and CI/CD environments.

“The biggest open source attacks in Q1 didn’t win because they were novel. They won because they abused trust already built into the software lifecycle — trusted package names, trusted tools, and trusted release workflows,” said Brian Fox, Co-founder and CTO of Sonatype. “That’s what makes modern supply chain attacks more dangerous: the problem is no longer just spotting something suspicious, it’s knowing when something familiar has been turned against you.”

Trust Abuse, Not Novelty, Defined the Most Successful Q1 Attacks

In the first three months of 2026, Sonatype observed the equivalent of one malicious package every six minutes. But the bigger story was how those attacks succeeded. Rather than relying on obvious deception, attackers increasingly used plausible packages, compromised release paths, and trusted software to gain access. Incidents such as the axios compromise and the Trivy/LiteLLM campaign showed how small changes inside trusted packages and release workflows can create outsized downstream risk.

Developer and CI/CD Environments: Primary Targets for Access, Persistence, and Reuse

The report found that 22% (~4,900) of Q1 malware exfiltrated host information, 19% (~4,200) stole secrets, and 16% (~3,500) set the stage for secondary payloads — clear signals that attackers are targeting developer machines and software delivery infrastructure for reusable access. These campaigns were built to capture tokens, keys, cloud credentials, and other secrets that can be reused across repositories, build systems, and production environments. SANDWORM_MODE, in particular, highlighted how open source malware is becoming more adaptive and better suited to spreading through developer and CI environments.

npm Remained the Dominant Ecosystem for Malware Distribution and Downstream Reach

With npm seeing the equivalent of 46 malicious packages per day, the JavaScript ecosystem remained the leading distribution channel for open source malware in Q1. PyPI saw 18% of total malware in Q1, with other registries significantly lower, signaling that attackers are concentrating on the ecosystems that offer the greatest scale, speed, and downstream reach. For defenders, that means the most widely used registries remain some of the most attractive channels for malware delivery.

Backed by Sonatype’s industry-leading security research team, Sonatype Repository Firewall helped customers prevent 136,107 open source malware attacks in Q1. To explore the full findings from the Q1 2026 Open Source Malware Index and access additional software supply chain guidance, visit Sonatype Guide.

About Sonatype

Sonatype is the leader in AI-driven DevSecOps. As the maintainers of Maven Central and creators of Nexus Repository, Sonatype has spent two decades pioneering how the world manages and secures open source software — making Sonatype the trusted authority for modern software supply chains. With unmatched open source visibility and a unified product suite built for modern software development, Sonatype gives enterprises the intelligence and automated governance they need to harness the full potential of open source and AI. Sonatype handles the complexity behind the scenes: guiding component and model selection, blocking harmful malicious code, automating dependency and vulnerability management, and ensuring faster, more reliable builds — so developers spend more time on innovation and less time on remediation and rework. Trusted by more than 15 million developers, Sonatype helps power secure, modern software development at nearly 2,000 global organizations including 70% of the Fortune 100. To learn more about Sonatype, please visit www.sonatype.com.